2 matches found
CVE-2018-1000645
LibreHealthIO lh-ehr version REL-2.0.0 contains an Authenticated Local File Disclosure vulnerability in Importing of templates allows local file disclosure that can result in Disclosure of sensitive files on the server. This attack appear to be exploitable via User controlled variable in import...
CVE-2018-1000645
CVE-2018-1000645 affects LibreHealthIO lh-ehr prior to REL-2.0.0. The vulnerability is an Authenticated Local File Disclosure in the Importing of templates feature, where a user-controlled variable in the import templates function can disclose sensitive server files. This is documented across mul...