12 matches found
EUVD-2018-1978
Malware in sbrugna...
EUVD-2018-1977
Malware in sbrugna...
CVE-2018-1000646
LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in write files with malicious content and may lead to remote code execution...
CVE-2019-11021
admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. NOTE: "While inadvertently allowing a PHP file to be uploaded via Media Manager was an oversight, it still requires an admin permission. We think it's pretty rare for an...
CVE-2018-1000649
LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write in letter.php 2 vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code execution. This attack appear to be exploitable via User...
CVE-2018-1000649
LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write in letter.php 2 vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code execution. This attack appear to be exploitable via User...
CVE-2018-1000648
LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code execution. This attack appear to be exploitable via User controlled parameters...
CVE-2018-1000646
Technical details about CVE-2018-1000646 are not publicly provided in the connected documents; monitor for updates.
CVE-2018-1000648
Summary: CVE-2018-1000648 affects LibreHealthIO lh-ehr REL-2.0.0. The vulnerability is an Authenticated Unrestricted File Write in the patient letter/file handling logic, where user-controlled parameters can cause files to be written with malicious content, potentially enabling remote code execut...
CVE-2018-1000647
LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Deletion vulnerability in Import template that can result in Denial of service. This attack appear to be exploitable via User controlled parameter...
CVE-2018-1000646
LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in write files with malicious content and may lead to remote code execution...
CVE-2018-1000649
LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write in letter.php 2 vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code execution. This attack appear to be exploitable via User...