Lucene search
+L

62 matches found

Cvelist
Cvelist
added 2026/03/02 11:9 a.m.31 views

CVE-2025-10350 SQL injection in CGM NETRAAD

SQL Injection vulnerability in "imageserver" module when processing C-FIND queries in CGM NETRAAD software allows attacker connected to PACS gaining access to database, including data processed by GCM CLININET software.This issue affects CGM NETRAAD with imageserver module in versions before 7.9....

8.8CVSS0.00186EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/02 11:9 a.m.6 views

EUVD-2025-208145

SQL Injection vulnerability in "imageserver" module when processing C-FIND queries in CGM NETRAAD software allows attacker connected to PACS gaining access to database, including data processed by GCM CLININET software.This issue affects CGM NETRAAD with imageserver module in versions before 7.9....

8.8CVSS6AI score0.00186EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.9 views

CGM CLININET 访问控制错误漏洞

CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a vulnerability related to access control, which allows for complete bypass of authentication procedures. This vulnerability may lead to session hijacking and privilege escalation...

9CVSS5.8AI score0.00207EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.13 views

PT-2026-22575

In the endpoints "/cgi-bin/CliniNET.prd/utils/usrlogstat simple.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat.pl", "/cgi-bin/CliniNET.prd/utils/userlogstat2.pl", and "/cgi-bin/CliniNET.prd/utils/dblogstat.pl", the parameters are not sufficiently normalized, which enables code injection...

9.4CVSS6AI score0.00544EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.9 views

CGM CLININET 安全漏洞

CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a security vulnerability that stems from the use of direct and continuous object identifiers called MessageID, without proper authorization checks. This vulnerability could allow attacke...

7.5CVSS5.8AI score0.00215EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.10 views

PT-2026-22573

The vulnerability enables an attacker to fully bypass authentication in CGM CLININET and gain access to any active user account by supplying only the username, without requiring a password or any other credentials. Obtaining a session ID is sufficient for session takeover and grants access to the...

9CVSS6AI score0.00207EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.7 views

CGM CLININET SQL注入漏洞

CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a SQL injection vulnerability, which stems from the SQL injection vulnerability present in the validateOrgUnit function within the CheckUnitCodeAndKey.pl service...

6.9CVSS5.8AI score0.0019EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.6 views

CGM CLININET 安全漏洞

CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a security vulnerability, which stems from the absence of necessary security HTTP headers in responses. This vulnerability may lead to client-side attacks such as clickjacking, MIME...

5.3CVSS5.8AI score0.00184EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.9 views

PT-2026-22577

The CGM CLININET application uses direct, sequential object identifiers "MessageID" without proper authorization checks. By modifying the parameter in the GET request, an attacker can access messages and attachments belonging to other users...

8.8CVSS5.9AI score0.00215EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27768

Malicious code in bioql PyPI...

9.4CVSS6.2AI score0.00231EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/29 12:0 a.m.7 views

CGM CLININET SQL Injection Vulnerability (CNVD-2025-19810)

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a SQL injection vulnerability that originates from the lack of validation of the UserID parameter of the getUserInfo function against external input SQL statements. An attacker can exploit this...

9.4CVSS8.1AI score0.00231EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/29 12:0 a.m.5 views

CGM CLININET SQL Injection Vulnerability (CNVD-2025-19811)

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the UserID parameter of the OpenReportWindow.pl file. An attacker can exploit this...

9.4CVSS8AI score0.00231EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/29 12:0 a.m.1 views

Unspecified Vulnerability in CGM CLININET

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET has a security vulnerability that can be exploited by attackers to potentially cause information leakage...

9.4CVSS6.7AI score0.00231EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/29 12:0 a.m.3 views

CGM CLININET Code Injection Vulnerability

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a code injection vulnerability that stems from the ConvertToPDF function's filename parameter failing to properly filter special elements of the constructed code segment. An attacker can exploit...

9.4CVSS8AI score0.00737EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/29 12:0 a.m.3 views

CGM CLININET SQL Injection Vulnerability

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from an SQL injection vulnerability that originates from the lack of validation of the pesel parameter of the getPatientIdentifier function against externally entered SQL statements. An attacker can...

9.4CVSS8.1AI score0.00231EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/29 12:0 a.m.3 views

CGM CLININET Access Control Error Vulnerability (CNVD-2025-19816)

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from an Access Control Error vulnerability that originates from improper access control in /cgi-bin/CliniNET.prd/utils/userlogxls.pl, which can be exploited by an attacker to gain unauthorized access t...

9.4CVSS6.8AI score0.00231EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/29 12:0 a.m.3 views

CGM CLININET Code Injection Vulnerability (CNVD-2025-19815)

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a code injection vulnerability that stems from the uhcPrintServerPrint function failing to properly filter special elements of the constructed code segment. An attacker could exploit this...

9.4CVSS8AI score0.00231EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/29 12:0 a.m.3 views

CGM CLININET Code Injection Vulnerability (CNVD-2025-19812)

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a code injection vulnerability that stems from the RunCommand function failing to properly filter the special elements of the constructor code segment. An attacker can exploit this vulnerability t...

9.4CVSS8AI score0.00231EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/29 12:0 a.m.3 views

CGM CLININET Trust Management Issue Vulnerability

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a trust management issue vulnerability that stems from the decodeParam function not verifying the signature algorithm, which can be exploited by an attacker to generate arbitrary user sessions...

9.4CVSS6.8AI score0.00231EPSS
Exploits0References1
NVD
NVD
added 2025/08/27 11:15 a.m.4 views

CVE-2025-30041

The paths "/cgi-bin/CliniNET.prd/utils/userlogstat.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat.pl", and "/cgi-bin/CliniNET.prd/utils/dblogstat.pl" expose data containing session IDs...

9CVSS0.00165EPSS
Exploits0References1
Rows per page
Query Builder