164 matches found
EUVD-2022-34247
Malicious code in bioql PyPI...
EUVD-2022-52952
Malicious code in bioql PyPI...
Guangzhou Red Sea Cloud Computing Company Limited Red Sea Cloud eHr Exists Information Leakage Vulnerability
Redhaven eHR is a digital human resource management solution launched by Redhaven, focusing on providing state-owned enterprises and large-scale enterprises with systematic and precise services for optimizing salary distribution and incentive system. Guangzhou Red Sea Cloud Computing Co. Red Sea...
Decentralized COVID-19 Health System Leveraging Blockchain
With the development of the Internet, the amount of data generated by the medical industry each year has grown exponentially. The Electronic Health Record EHR manages the electronic data generated during the user's treatment process. Typically, an EHR data manager belongs to a medical institution...
CVE-2022-29938
In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameter paymentid in interface\billing\newpayment.php via interface\billing\paymentmaster.inc.php leads to SQL injection...
CVE-2022-31498
LibreHealth EHR Base 2.0.0 allows interface/orders/patientmatchdialog.php key XSS...
CVE-2022-29940
In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters formseq and formid in interface\orders\findorderpopup.php leads to multiple cross-site scripting XSS vulnerabilities...
CVE-2022-29939
In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters debug and InsId in interface\billing\sleobprocess.php leads to multiple cross-site scripting XSS vulnerabilities...
CVE-2020-23829
interface/new/newcomprehensivesave.php in LibreHealth EHR 2.0.0 suffers from an authenticated file upload vulnerability, allowing remote attackers to achieve remote code execution RCE on the hosting webserver by uploading a maliciously crafted image...
CVE-2018-1000645
LibreHealthIO lh-ehr version...
CVE-2018-1000646
LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in write files with malicious content and may lead to remote code execution...
CVE-2018-1000839
LH-EHR version REL-200 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. This attack appear to be exploitable via Uploading a PHP file with image MIME type...
HChain 4.0: a Secure and Scalable Permissioned Blockchain for EHR Management in Smart Healthcare
The growing utilization of Internet of Medical Things IoMT devices, including smartwatches and wearable medical devices, has facilitated real-time health monitoring and data analysis to enhance healthcare outcomes. These gadgets necessitate improved security measures to safeguard sensitive health...
CVE-2025-4531
A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOT\WEB-INF\classes\com\ours\www\ehr\salary\service\data\EhrSalaryPayrollServiceImpl.class of the component Beetl Template...
CVE-2025-1572
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the ‘uid’ parameter in all versions up to, and including, 3.6.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
CVE-2025-1572
The CVE-2025-1572 entry concerns KiviCare – Clinic & Patient Management System (EHR) WordPress plugin (versions
CVE-2025-1572 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.7 - Authenticated (Doctor+) SQL Injection via 'u_id' Parameter
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the ‘uid’ parameter in all versions up to, and including, 3.6.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
WordPress plugin KiviCare – Clinic & Patient Management System (EHR) SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
CVE-2024-11729 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Subscriber+) SQL Injection
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'servicelist0serviceid' parameter of the getwidgetpaymentoptions AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter an...
CVE-2024-11729 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Subscriber+) SQL Injection
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'servicelist0serviceid' parameter of the getwidgetpaymentoptions AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter an...