2 matches found
CVE-2020-27226
An exploitable SQL injection vulnerability exists in ‘quickFile.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2020-27226
CVE-2020-27226 affects OpenClinic GA 5.173.3, specifically the web page bannered as quickFile.jsp (statistics/quickFile.jsp). The vulnerability is an authenticated SQL injection in the PatientUID parameter of quickFile.jsp, triggered via a POST to the OpenClinic GA portal (example: POST /openclin...