3 matches found
CVE-2018-15146
SQL injection vulnerability in interface/deidentificationforms/findimmunizationpopup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'searchterm' parameter...
CVE-2018-15146
OpenEMR is affected by a SQL injection in interface/de_identification_forms/find_immunization_popup.php for versions prior to 5.0.1.4. The vulnerability allows a remote authenticated attacker to execute arbitrary SQL commands through the 'search_term' parameter. Root cause: unsanitized input in t...
CVE-2018-15146
SQL injection vulnerability in interface/deidentificationforms/findimmunizationpopup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'searchterm' parameter...