Lucene search
+L

387 matches found

CNNVD
CNNVD
added 2024/03/19 12:0 a.m.3 views

OpenClinic GA Security Vulnerability

OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management. A security vulnerability exists in OpenClinic GA version 5.247.01, which originates from a directory path traversal attack that can be...

7.5CVSS6.4AI score0.00848EPSS
Exploits1References3
CVE
CVE
added 2024/03/19 12:0 a.m.57 views

CVE-2023-40277

OpenClinic GA 5.247.01 contains a reflected XSS in the login.jsp message parameter. The vulnerability affects the login flow and is documented with CVSSv3.1 base score 6.1 (MEDIUM) with Network attack vector, low attack complexity, no privileges, user interaction required, and changed scope (C/L/...

6.1CVSS5.8AI score0.0045EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/19 12:0 a.m.6 views

PT-2024-12882 · Unknown · Openclinic Ga

Name of the Vulnerable Software and Affected Versions: OpenClinic GA version 5.247.01 Description: An issue was discovered in OpenClinic GA, allowing an attacker to perform a directory path traversal via the Page parameter in a GET request to the "main.do" endpoint. Recommendations: For OpenClini...

7.5CVSS7.3AI score0.0338EPSS
Exploits4References6
CNNVD
CNNVD
added 2024/03/19 12:0 a.m.6 views

OpenClinic GA Security Vulnerability

OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management. A security vulnerability exists in OpenClinic GA version 5.247.01, which stems from an information disclosure vulnerability...

7.5CVSS6.3AI score0.03002EPSS
Exploits4References4
CNNVD
CNNVD
added 2024/03/19 12:0 a.m.3 views

OpenClinic GA Security Vulnerability

OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management. A security vulnerability exists in OpenClinic GA version 5.247.01, which stems from an unauthenticated file download vulnerability...

9.1CVSS6.8AI score0.00736EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/03/19 12:0 a.m.9 views

CVE-2023-40277

An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting XSS vulnerability has been discovered in the login.jsp message parameter...

5.8AI score0.0045EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/03/19 12:0 a.m.9 views

CVE-2023-40276

An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability has been discovered in pharmacy/exportFile.jsp...

6.9AI score0.00736EPSS
Exploits1References2
CVE
CVE
added 2024/03/19 12:0 a.m.49 views

CVE-2023-40280

OpenClinic GA 5.247.01 is affected by CVE-2023-40280 due to a directory path traversal via the Page parameter in a GET request to popup.jsp. The issue is described consistently across sources (NVD/Red Hat/CNNVD/CVE List), with an attack vector described as network-accessible and a high impact in ...

7.5CVSS6.8AI score0.00848EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/19 12:0 a.m.10 views

CVE-2023-40280

An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp...

6.8AI score0.00848EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/19 12:0 a.m.27 views

CVE-2023-40280

An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp...

6.7AI score0.00848EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/19 12:0 a.m.25 views

CVE-2023-40277

An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting XSS vulnerability has been discovered in the login.jsp message parameter...

5.7AI score0.0045EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/19 12:0 a.m.22 views

CVE-2023-40276

An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability has been discovered in pharmacy/exportFile.jsp...

6.8AI score0.00736EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/19 12:0 a.m.36 views

CVE-2023-40279

An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to main.do...

6.7AI score0.0338EPSS
Exploits4References2
Vulnrichment
Vulnrichment
added 2024/03/19 12:0 a.m.19 views

CVE-2023-40279

An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to main.do...

6.8AI score0.0338EPSS
Exploits4References2
CNNVD
CNNVD
added 2024/03/19 12:0 a.m.3 views

OpenClinic GA Path Traversal Vulnerability

OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management. A security vulnerability exists in OpenClinic GA version 5.247.01, which originates from a directory path traversal attack that can be...

7.5CVSS6.4AI score0.0338EPSS
Exploits4References5
CVE
CVE
added 2024/03/19 12:0 a.m.83 views

CVE-2023-40279

OpenClinic GA 5.247.01 has a directory path traversal vulnerability (CVE-2023-40279) via the Page parameter in GET /openclinic/main.do. Multiple connected sources describe potential access to arbitrary files and even execution in some contexts. No patch/version remediation details are provided in...

7.5CVSS6.7AI score0.0338EPSS
Exploits4References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/19 12:0 a.m.19 views

CVE-2023-40275

An issue was discovered in OpenClinic GA 5.247.01. It allows retrieval of patient lists via queries such as findFirstname= to common/search/searchByAjax/patientslistShow.jsp...

6.8AI score0.00917EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/19 12:0 a.m.5 views

OpenClinic GA Security Vulnerability

OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management. A security vulnerability exists in OpenClinic GA version 5.247.01, which stems from the presence of a Reflective Cross-Site Scripting XS...

6.1CVSS5.7AI score0.0045EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/03/19 12:0 a.m.34 views

CVE-2023-40278

An issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. By changing the AppointmentUid parameter, an attacker can determine whether a specific appointment exists based on the error...

6.6AI score0.03002EPSS
Exploits4References2
CVE
CVE
added 2024/03/19 12:0 a.m.44 views

CVE-2023-40276

OpenClinic GA 5.247.01 contains an unauthenticated file download vulnerability in pharmacy/exportFile.jsp. The issue allows unauthorized access to files, with CVSS v3.1 base score 9.1 (CRITICAL; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). No exploitation details are provided in the primary CVE entry. R...

9.1CVSS6.8AI score0.00736EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder