Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

OSV
OSVadded 2020/07/29 2:15 p.m.1 views

CVE-2020-14488

OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded files, which may allow a low-privilege user to upload and execute arbitrary files on the system...

8.8CVSS7.5AI score0.00312EPSS
Exploits0References1
OSV
OSVadded 2020/07/29 1:15 p.m.1 views

CVE-2020-14492

OpenClinic GA 5.09.02 and 5.89.05b does not properly neutralize user-controllable input, which may allow the execution of malicious code within the user’s browser...

6.1CVSS6.9AI score
Exploits0References1
OSV
OSVadded 2020/07/29 1:15 p.m.1 views

CVE-2020-14493

A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands...

8.8CVSS6AI score0.00473EPSS
Exploits0References1
Prion
Prionadded 2020/07/29 1:15 p.m.9 views

Command injection

A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands...

6.5CVSS9.2AI score0.00473EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2020/07/29 12:27 p.m.15 views

CVE-2020-14493 OpenClinic GA

A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands...

8.8CVSS9AI score0.00473EPSS
Exploits0References1
CVE
CVEadded 2020/07/29 12:25 p.m.40 views

CVE-2020-14490

OpenClinic GA versions 5.09.02 and 5.89.05b contain a path traversal vulnerability (CWE-22) that allows arbitrary local files to be specified via parameters and may execute uploaded files, risking disclosure of sensitive data and code execution. The issue corresponds to CVE-2020-14490; root cause...

8.8CVSS8.6AI score0.00638EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2020/07/20 3:15 p.m.0 views

CVE-2020-14494

OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system that does not provide sufficient complexity to protect against brute force attacks, which may allow unauthorized users to access the system after no more than a fixed maximum number of attempts...

9.8CVSS7.2AI score0.00214EPSS
Exploits0References1
OSV
OSVadded 2020/07/20 3:15 p.m.0 views

CVE-2020-14484

OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to bypass the system’s account lockout protection, which may allow brute force password attacks...

9.8CVSS7.3AI score
Exploits0References1
Prion
Prionadded 2020/07/20 3:15 p.m.5 views

Sql injection

OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to bypass client-side access controls or use a crafted request to initiate a session with limited functionality, which may allow execution of admin functions such as SQL queries...

7.5CVSS9.5AI score0.00612EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2020/07/20 2:45 p.m.9 views

CVE-2020-14485

OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to bypass client-side access controls or use a crafted request to initiate a session with limited functionality, which may allow execution of admin functions such as SQL queries...

9.7AI score0.00612EPSS
Exploits0References1
Rows per page
Query Builder