12 matches found
EUVD-2012-4877
Malware in sbrugna...
CVE-2012-4952
Henry Schein Dentrix G5 before 15.1.294 has a single internal-database password that is shared across different customers' installations, which allows remote attackers to obtain sensitive information about patients by leveraging knowledge of this password from another installation...
dentrix.com Cross Site Scripting vulnerability OBB-4041736
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
reputation.dentrix.com Cross Site Scripting vulnerability OBB-3790237
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
reputation.dentrix.com Cross Site Scripting vulnerability OBB-3773864
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
MAL-2022-198 Malicious code in @dentrix/fetlife-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1abf8ee3116b89f9d81b156348e8433dc4dce5afa861feef21d8c741c726de2f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @dentrix/fetlife-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1abf8ee3116b89f9d81b156348e8433dc4dce5afa861feef21d8c741c726de2f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2012-4952
Henry Schein Dentrix G5 before 15.1.294 has a single internal-database password that is shared across different customers' installations, which allows remote attackers to obtain sensitive information about patients by leveraging knowledge of this password from another installation...
Information disclosure
Henry Schein Dentrix G5 before 15.1.294 has a single internal-database password that is shared across different customers' installations, which allows remote attackers to obtain sensitive information about patients by leveraging knowledge of this password from another installation...
CVE-2012-4952
Henry Schein Dentrix G5 before 15.1.294 has a single internal-database password that is shared across different customers' installations, which allows remote attackers to obtain sensitive information about patients by leveraging knowledge of this password from another installation...
CVE-2012-4952
CVE-2012-4952 affects Henry Schein Dentrix G5 prior to 15.1.294. The root cause is a hard-coded internal database password shared across multiple installations, enabling an attacker who obtains credentials from one site to access databases at other sites. The impact is potential disclosure of sen...
Henry Schein Dentrix G5 uses hard-coded database credentials shared across multiple installations
Overview Henry Schein Dentrix G5, a dental practice management software suite, uses hard-coded database access credentials that are shared across multiple installation sites. An attacker who is able to obtain the credentials for one site may be able to gain access to other sites using the same...