CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

387 matches found

RedhatCVE•added 2026/06/11 2:59 a.m.•10 views

CVE-2026-25860

OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embedding malicious payloads in DICOM file metadata fields. Attackers can craft a DICOM file with...

6.1CVSS5.6AI score0.00293EPSS

Exploits1References1

EUVD•added 2026/06/10 12:31 a.m.•9 views

EUVD-2026-35842

6.1CVSS5.6AI score0.00293EPSS

Exploits1References4

NVD•added 2026/06/09 10:16 p.m.•9 views

CVE-2026-25860

6.1CVSS0.00293EPSS

Exploits1References3

Cvelist•added 2026/06/09 9:9 p.m.•30 views

CVE-2026-25860 OpenClinic GA 5.351.19 Reflected XSS via DICOM Image Upload Handler

6.1CVSS0.00293EPSS

Exploits1References3

Vulnrichment•added 2026/06/09 9:9 p.m.•4 views

CVE-2026-25860 OpenClinic GA 5.351.19 Reflected XSS via DICOM Image Upload Handler

6.1CVSS5.6AI score0.00293EPSS

Exploits1References3

CVE•added 2026/06/09 9:9 p.m.•37 views

CVE-2026-25860

OpenClinic GA 5.351.19 is affected by a reflected XSS in the DICOM image upload handler. An attacker can embed JavaScript in DICOM metadata (e.g., Study Description) which is reflected in popup.jsp and archiving/uploadfiles_jsp.java during the Upload DICOM images workflow, enabling arbitrary scri...

6.1CVSS5.6AI score0.00293EPSS

Exploits1References3

CNNVD•added 2026/06/09 12:0 a.m.•11 views

Post-Factum BV OpenClinic GA 跨站脚本漏洞

Post-Factum BV OpenClinic GA is an open-source hospital information management system developed by the Belgian company Post-Factum BV. This system supports functions such as financial management, clinical management, and laboratory management. Version 5.351.19 of Post-Factum BV OpenClinic GA...

6.1CVSS5.3AI score0.00293EPSS

Exploits1References1

Positive Technologies•added 2026/06/09 12:0 a.m.•14 views

PT-2026-48279

Name of the Vulnerable Software and Affected Versions OpenClinic GA version 5.351.19 Description A reflected cross-site scripting issue exists in the DICOM image upload handler. Attackers can execute arbitrary JavaScript in a victim's browser by embedding malicious payloads in DICOM file metadata...

6.1CVSS6.7AI score0.00293EPSS

Exploits1References8

RedhatCVE•added 2026/01/09 12:31 p.m.•5 views

CVE-2023-40277

An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting XSS vulnerability has been discovered in the login.jsp message parameter...

6.1CVSS5.9AI score0.0045EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:30 p.m.•7 views

CVE-2023-40279

An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to main.do...

7.5CVSS6.8AI score0.0338EPSS

Exploits4References1

RedhatCVE•added 2026/01/09 12:30 p.m.•3 views

CVE-2023-40280

An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp...

7.5CVSS6.8AI score0.00848EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:30 p.m.•4 views

CVE-2023-40275

An issue was discovered in OpenClinic GA 5.247.01. It allows retrieval of patient lists via queries such as findFirstname= to common/search/searchByAjax/patientslistShow.jsp...

9.1CVSS6.9AI score0.00917EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:29 p.m.•7 views

CVE-2023-40276

An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability has been discovered in pharmacy/exportFile.jsp...

9.1CVSS7AI score0.00736EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:28 p.m.•5 views

CVE-2023-40278

An issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. By changing the AppointmentUid parameter, an attacker can determine whether a specific appointment exists based on the error...

7.5CVSS6.6AI score0.03002EPSS

Exploits4References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-19746

Malware in sbrugna...

9.8CVSS6.9AI score0.00876EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-6624

Malware in sbrugna...

9CVSS8.5AI score0.01748EPSS

Exploits0References2