Lucene search
+L

164 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-34247

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.01424EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-52952

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00965EPSS
Exploits1References3
CNVD
CNVD
added 2025/06/04 12:0 a.m.2 views

Guangzhou Red Sea Cloud Computing Company Limited Red Sea Cloud eHr Exists Information Leakage Vulnerability

Redhaven eHR is a digital human resource management solution launched by Redhaven, focusing on providing state-owned enterprises and large-scale enterprises with systematic and precise services for optimizing salary distribution and incentive system. Guangzhou Red Sea Cloud Computing Co. Red Sea...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/03 12:0 a.m.4 views

Decentralized COVID-19 Health System Leveraging Blockchain

With the development of the Internet, the amount of data generated by the medical industry each year has grown exponentially. The Electronic Health Record EHR manages the electronic data generated during the user's treatment process. Typically, an EHR data manager belongs to a medical institution...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 1:16 a.m.9 views

CVE-2022-29938

In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameter paymentid in interface\billing\newpayment.php via interface\billing\paymentmaster.inc.php leads to SQL injection...

8.8CVSS7.5AI score0.01424EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 p.m.12 views

CVE-2022-31498

LibreHealth EHR Base 2.0.0 allows interface/orders/patientmatchdialog.php key XSS...

6.1CVSS6.9AI score0.00918EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:48 p.m.10 views

CVE-2022-29940

In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters formseq and formid in interface\orders\findorderpopup.php leads to multiple cross-site scripting XSS vulnerabilities...

5.4CVSS5.9AI score0.00834EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:12 p.m.9 views

CVE-2022-29939

In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters debug and InsId in interface\billing\sleobprocess.php leads to multiple cross-site scripting XSS vulnerabilities...

5.4CVSS5.9AI score0.00834EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:46 p.m.9 views

CVE-2020-23829

interface/new/newcomprehensivesave.php in LibreHealth EHR 2.0.0 suffers from an authenticated file upload vulnerability, allowing remote attackers to achieve remote code execution RCE on the hosting webserver by uploading a maliciously crafted image...

8.8CVSS7.7AI score0.02541EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 1:14 p.m.9 views

CVE-2018-1000645

LibreHealthIO lh-ehr version...

6.5CVSS6.7AI score0.01366EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:48 a.m.9 views

CVE-2018-1000646

LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in write files with malicious content and may lead to remote code execution...

8.8CVSS7.6AI score0.03286EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:35 a.m.11 views

CVE-2018-1000839

LH-EHR version REL-200 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. This attack appear to be exploitable via Uploading a PHP file with image MIME type...

8.8CVSS7.4AI score0.03127EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2025/05/19 12:0 a.m.6 views

HChain 4.0: a Secure and Scalable Permissioned Blockchain for EHR Management in Smart Healthcare

The growing utilization of Internet of Medical Things IoMT devices, including smartwatches and wearable medical devices, has facilitated real-time health monitoring and data analysis to enhance healthcare outcomes. These gadgets necessitate improved security measures to safeguard sensitive health...

6.9AI score
Exploits0
OSV
OSV
added 2025/05/11 6:15 a.m.4 views

CVE-2025-4531

A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOT\WEB-INF\classes\com\ours\www\ehr\salary\service\data\EhrSalaryPayrollServiceImpl.class of the component Beetl Template...

8.8CVSS5.6AI score0.00418EPSS
Exploits0References4
NVD
NVD
added 2025/02/28 8:15 a.m.13 views

CVE-2025-1572

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the ‘uid’ parameter in all versions up to, and including, 3.6.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

8.8CVSS0.00486EPSS
Exploits0References6
CVE
CVE
added 2025/02/28 7:34 a.m.135 views

CVE-2025-1572

The CVE-2025-1572 entry concerns KiviCare – Clinic & Patient Management System (EHR) WordPress plugin (versions

8.8CVSS6.5AI score0.00486EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/28 7:34 a.m.6 views

CVE-2025-1572 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.7 - Authenticated (Doctor+) SQL Injection via 'u_id' Parameter

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the ‘uid’ parameter in all versions up to, and including, 3.6.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

6.5CVSS6.5AI score0.00486EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/02/28 12:0 a.m.5 views

WordPress plugin KiviCare – Clinic & Patient Management System (EHR) SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

8.8CVSS8.8AI score0.00486EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/12/06 11:9 a.m.9 views

CVE-2024-11729 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Subscriber+) SQL Injection

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'servicelist0serviceid' parameter of the getwidgetpaymentoptions AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter an...

6.5CVSS7.3AI score0.00571EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/06 11:9 a.m.20 views

CVE-2024-11729 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Subscriber+) SQL Injection

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'servicelist0serviceid' parameter of the getwidgetpaymentoptions AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter an...

6.5CVSS0.00571EPSS
Exploits0References2
Rows per page
Query Builder