13 matches found
CVE-2026-24848
OpenEMR is a free and open source electronic health records and medical practice management application. In 7.0.4 and earlier, the disposeDocument method in EtherFaxActions.php allows authenticated users to write arbitrary content to arbitrary locations on the server filesystem. This vulnerabilit...
CVE-2026-24848
OpenEMR is a free and open source electronic health records and medical practice management application. In 7.0.4 and earlier, the disposeDocument method in EtherFaxActions.php allows authenticated users to write arbitrary content to arbitrary locations on the server filesystem. This vulnerabilit...
CVE-2026-24848
CVE-2026-24848 – OpenEMR : OpenEMR versions 7.0.4 and earlier are affected by a vulnerability in the EtherFaxActions.php disposeDocument() method that allows authenticated users to write arbitrary content to arbitrary locations on the server filesystem. This can be exploited to achieve Remote Cod...
EUVD-2026-9327
OpenEMR is a free and open source electronic health records and medical practice management application. In 7.0.4 and earlier, the disposeDocument method in EtherFaxActions.php allows authenticated users to write arbitrary content to arbitrary locations on the server filesystem. This vulnerabilit...
OpenEMR 路径遍历漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. OpenEMR versions 7.0.4 and earlier have a path traversal...
PT-2026-22834
OpenEMR is a free and open source electronic health records and medical practice management application. In 7.0.4 and earlier, the disposeDocument method in EtherFaxActions.php allows authenticated users to write arbitrary content to arbitrary locations on the server filesystem. This vulnerabilit...
CVE-2026-24849
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the disposeDocument method in EtherFaxActions.php allows authenticated users to read arbitrary files from the server filesystem. Any authenticated user regardless of...
CVE-2026-24849 OpenEMR Arbitrary File Read Vulnerability
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the disposeDocument method in EtherFaxActions.php allows authenticated users to read arbitrary files from the server filesystem. Any authenticated user regardless of...
EUVD-2026-8581
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the disposeDocument method in EtherFaxActions.php allows authenticated users to read arbitrary files from the server filesystem. Any authenticated user regardless of...
CVE-2026-24849 OpenEMR Arbitrary File Read Vulnerability
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the disposeDocument method in EtherFaxActions.php allows authenticated users to read arbitrary files from the server filesystem. Any authenticated user regardless of...
CVE-2026-24849
OpenEMR vulnerability CVE-2026-24849 affects the EtherFaxActions.php disposeDocument() path, allowing any authenticated user to read arbitrary files on the server filesystem. The root cause is improper access control in the disposeDocument() method, enabling high confidentiality/integriity/availa...
CVE-2026-24849 OpenEMR Arbitrary File Read Vulnerability
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the disposeDocument method in EtherFaxActions.php allows authenticated users to read arbitrary files from the server filesystem. Any authenticated user regardless of...
PT-2026-21824
Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 7.0.4 Description OpenEMR is an open source electronic health records and medical practice management application. Prior to version 7.0.4, the disposeDocument method in EtherFaxActions.php allows authenticated users t...