13 matches found
EUVD-2026-8713
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, users with the "Forms administration" role can fill questionnaires ("forms") in patient encounters. The answers to the forms are displayed on the encounter page and in th...
PT-2026-21980
Name of the Vulnerable Software and Affected Versions: OpenEMR versions prior to 8.0.0. Description: OpenEMR is an electronic health records and medical practice management application. A stored cross-site scripting (XSS) issue exists in the function responsible for displaying form answers. An...
PT-2026-20389
When hours are entered in time@work, version 7.0.5, it performs a query to display the projects assigned to the user. If the query URL is copied and opened in a new browser window, the ‘IDClient’ parameter is vulnerable to a blind authenticated SQL injection. If the request is made with the TWAdm...
EUVD-2016-5973
Malware in sbrugna...
EUVD-2021-27712
Malicious code in bioql PyPI...
CVE-2021-40537
Server Side Request Forgery (SSRF) vulnerability exists in owncloud/userldap 0.15.4 in the settings of the userldap app. Administration role is necessary for exploitation...
CVE-2021-40537
Server Side Request Forgery (SSRF) vulnerability exists in owncloud/userldap 0.15.4 in the settings of the userldap app. Administration role is necessary for exploitation...
CVE-2021-40537
Server Side Request Forgery (SSRF) vulnerability exists in owncloud/userldap 0.15.4 in the settings of the userldap app. Administration role is necessary for exploitation...
Server Side Request Forgery (SSRF)
Server Side Request Forgery (SSRF) vulnerability exists in owncloud/userldap 0.15.4 in the settings of the userldap app. Administration role is necessary for exploitation...
CVE-2021-40537
Server Side Request Forgery (SSRF) vulnerability exists in owncloud/userldap 0.15.4 in the settings of the userldap app. Administration role is necessary for exploitation...
Meta tags quick - Moderately critical - Cross Site Scripting - SA-CONTRIB-2019-057
Metatags quick is a module that manages meta tags (tags that appear in HTML's head section) as Drupal 7 fields. The administration page of Metatags quick does not sanitize the output of blocks that appear on the same page. This allows an attacker to inject malicious JavaScript in block markup. This...
CVE-2016-5020
F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script...
F5 Networks BIG-IP : Custom monitor privilege escalation vulnerability (K00265182)
F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script. (CVE-2016-5020) Impact: An attacker may be able to use a...