OpenEMR 安全漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained security...

OpenEMR 安全漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained security...

EUVD-2018-2643

Malware in sbrugna...

EUVD-2017-1508

Malware in sbrugna...

EUVD-2017-15451

Malware in sbrugna...

CVE-2021-25923

In OpenEMR, versions 5.0.0 to 6.0.0.1 are vulnerable to weak password requirements as it does not enforce a maximum password length limit. If a malicious user is aware of the first 72 characters of the victim user’s password, he can leverage it to an account takeover...

CVE-2021-25918

In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting XSS due to user input not being validated properly and rendered in the TOTP Authentication method page. A highly privileged attacker could inject arbitrary code into input fields when creating a new user...

CVE-2018-17181

An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit function in /portal/lib/paylib.php and the portalAudit function in /portal/lib/appsql.class.php...

CVE-2023-2942 Improper Input Validation in openemr/openemr

Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1...

openemr 4 - Multiple Vulnerabilities

No description provided by source. OpenEMR 4 Level @ Smash The Stack Summary: Patient Photograph Arbitrary File Upload Initial Comment: 1. Login with valid User/Pass 2. Patient/Client - Search/New Patient search for anything 3. Click Documents - Patient Photograph 4. Upload Shell URL:...

CVE-2012-0991

Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. dot dot in the formname parameter to 1 contrib/acog/printform.php; or 2 loadform.php, 3 viewform.php, or 4 trendform.php in interface/patientfile/encounter...

OpenEMR v3.2.0 SQL Injection and XSS

Exploit for php platform in category web applications Exploit Title: OpenEMR v3.2.0 Multiple Vulnerabilities Date: December 26, 2010 Author: Blake Software Link: http://sourceforge.net/projects/openemr/ Version: 3.2.0 Tested on: Windows XP SP3 Description: Open Source Practice Management,...