34 matches found
CVE-2025-12921
A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xmlfile leads to xml injection. It is possible to...
CVE-2025-12922
A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xmlfile results in path traversal. The attack can be initiated remotely. T...
EUVD-2025-38724
A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xmlfile results in path traversal. The attack can be initiated remotely. T...
CVE-2025-12922
A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xmlfile results in path traversal. The attack can be initiated remotely. T...
CVE-2025-12922
A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xmlfile results in path traversal. The attack can be initiated remotely. T...
EUVD-2025-38721
A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xmlfile leads to xml injection. It is possible to...
CVE-2025-12921
A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xmlfile leads to xml injection. It is possible to...
CVE-2025-12921
A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xmlfile leads to xml injection. It is possible to...
CVE-2025-12922 OpenClinica Community Edition CRF Data Import ImportCRFData path traversal
A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xmlfile results in path traversal. The attack can be initiated remotely. T...
CVE-2025-12922 OpenClinica Community Edition CRF Data Import ImportCRFData path traversal
A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xmlfile results in path traversal. The attack can be initiated remotely. T...
CVE-2025-12922
CVE-2025-12922 affects OpenClinica Community Edition up to 3.12.2/3.13. The vulnerability resides in the CRF Data Import component, specifically the file path /ImportCRFData?action=confirm, where manipulation of the xml_file argument leads to a path traversal. The issue is exploitable remotely an...
OpenClinica Community Edition 路径遍历漏洞
OpenClinica Community Edition is a clinical data management system from OpenClinica, Inc. A path traversal vulnerability exists in OpenClinica Community Edition versions 3.12.2 and earlier and 3.13 and earlier, which stems from incorrect manipulation of the parameter xmlfile in the file...
OpenClinica Community Edition 安全漏洞
OpenClinica Community Edition is a clinical data management system from OpenClinica, Inc. in the United States. A security vulnerability exists in OpenClinica Community Edition versions 3.12.2 and 3.13, which stems from an incorrect manipulation of the parameter xmlfile in the file/ImportCRFData,...
PT-2025-45584
A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xml file results in path traversal. The attack can be initiated remotely...
CVE-2025-12921 OpenClinica Community Edition CRF Data Import ImportCRFData xml injection
A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xmlfile leads to xml injection. It is possible to...
CVE-2025-12921 OpenClinica Community Edition CRF Data Import ImportCRFData xml injection
A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xmlfile leads to xml injection. It is possible to...
CVE-2025-12921
OpenClinica Community Edition vulnerable to XML injection in CRF Data Import, via /ImportCRFData?action=confirm with manipulated xml_file. Affected versions: up to 3.12.2/3.13. Attacker could exploit remotely; exploit has been disclosed publicly. Remediation is to upgrade to a newer release (vers...
PT-2025-45583
Name of the Vulnerable Software and Affected Versions OpenClinica Community Edition versions up to 3.12.2/3.13 Description A flaw exists in OpenClinica Community Edition that allows for XML injection. This issue is related to the processing of the xml file argument within the...
EUVD-2022-29617
Malicious code in bioql PyPI...
CVE-2022-24830
OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known...