387 matches found
OpenClinic GA 5.247.01 - Path Traversal (Authenticated) Vulnerability
Exploit Title: OpenClinic GA 5.247.01 - Path Traversal Authenticated Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Link: https://sourceforge.net/projects/open-clinic/ Version: OpenClinic GA 5.247.01 Tested on: Windows 10, Windows 11 CVE: CVE-2023-40279 Details An issue w...
OpenClinic GA 5.247.01 - Information Disclosure
Exploit Title: OpenClinic GA 5.247.01 - Information Disclosure Date: 2023-08-14 Exploit Author: VB Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Link: https://sourceforge.net/projects/open-clinic/ Version: OpenClinic GA 5.247.01 Tested on: Windows 10, Windows 11 CVE:...
OpenClinic GA 5.247.01 - Path Traversal (Authenticated)
Exploit Title: OpenClinic GA 5.247.01 - Path Traversal Authenticated Date: 2023-08-14 Exploit Author: V. B. Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Link: https://sourceforge.net/projects/open-clinic/ Version: OpenClinic GA 5.247.01 Tested on: Windows 10, Windows 11...
OpenClinic GA 5.247.01 Information Disclosure
Exploit Title: OpenClinic GA 5.247.01 - Information Disclosure Date: 2023-08-14 Exploit Author: VB Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Link: https://sourceforge.net/projects/open-clinic/ Version: OpenClinic GA 5.247.01 Tested on: Windows 10, Windows 11 CVE:...
CVE-2023-40279
An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to main.do...
CVE-2023-40279
An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to main.do...
CVE-2023-40278
An issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. By changing the AppointmentUid parameter, an attacker can determine whether a specific appointment exists based on the error...
CVE-2023-40278
An issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. By changing the AppointmentUid parameter, an attacker can determine whether a specific appointment exists based on the error...
CVE-2023-40275
An issue was discovered in OpenClinic GA 5.247.01. It allows retrieval of patient lists via queries such as findFirstname= to common/search/searchByAjax/patientslistShow.jsp...
CVE-2023-40276
An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability has been discovered in pharmacy/exportFile.jsp...
CVE-2023-40275
An issue was discovered in OpenClinic GA 5.247.01. It allows retrieval of patient lists via queries such as findFirstname= to common/search/searchByAjax/patientslistShow.jsp...
CVE-2023-40280
An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp...
CVE-2023-40277
An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting XSS vulnerability has been discovered in the login.jsp message parameter...
CVE-2023-40276
An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability has been discovered in pharmacy/exportFile.jsp...
CVE-2023-40276
An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability has been discovered in pharmacy/exportFile.jsp...
CVE-2023-40277
An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting XSS vulnerability has been discovered in the login.jsp message parameter...
CVE-2023-40280
An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp...
CVE-2023-40280
An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp...
CVE-2023-40277
An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting XSS vulnerability has been discovered in the login.jsp message parameter...
CVE-2023-40278
An issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. By changing the AppointmentUid parameter, an attacker can determine whether a specific appointment exists based on the error...