2 matches found
OpenEMR < 5.0.1-1 SQLi Vulnerability
OpenEMR is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:open-emr:openemr";...
CVE-2018-9250
The CVE-2018-9250 issue concerns OpenEMR before v5_0_1_1, where the interface\super\edit_list.php file accepts the newlistname parameter and allows remote authenticated users to execute arbitrary SQL commands. The root cause is an SQL injection vulnerability in that endpoint, enabling attackers w...