4 matches found
OpenEMR 跨站请求伪造漏洞
OpenEMR is an open source medical management system from the OpenEMR Openemr community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. A cross-site request forgery vulnerability exists in OpenEMR version...
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
This Metasploit module exploits a vulnerability found in OpenEMR version 4.1.1 Patch 14 and lower. When logging in as any non-admin user it's possible to retrieve the admin SHA1 password hash from the database through SQL injection. The SQL injection vulnerability exists in the...
OpenEMR 4.1.1 Patch 14 - SQL Injection / Privilege Escalation / Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "OpenEMR 4.1.1 Pat...
OpenEMR 4.1.1 Patch 14 SQL Injection / Shell Upload
Exploit Title: OpenEMR 4.1.1 Patch 14 Multiple Vulnerabilities Date: Sep 17 2013 Exploit Author: xistence Vendor Homepage: www.open-emr.org Tested on: CentOS 5.9 32-bit Affected Version : 4.1.1 Patch 14 and lower Fix: Upgrade to OpenEMR 4.1.2 Software details: OpenEMR is a Free and Open Source...