2 matches found
OpenEMR New.php Command Injection (CVE-2019-3968)
A command injection vulnerability exists in OpenEMR New.php. Successful exploitation of this vulnerability could result in arbitrary command execution on the affected system...
CVE-2019-3968
CVE-2019-3968 affects OpenEMR 5.0.1 and earlier. An authenticated attacker can execute arbitrary commands on the host via the Scanned Forms interface when creating a new form. The Red Hat/other advisories corroborate command injection in OpenEMR New.php; no remediation details are provided in the...