42 matches found
CVE-2026-32122 OpenEMR: Missing Authorization on Claim File Tracker UI and AJAX Endpoint (V2)
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, the Claim File Tracker feature exposes an AJAX endpoint that returns billing claim metadata claim IDs, payer info, transmission logs. The endpoint does not enforce the same A...
CVE-2026-32122
OpenEMR (Claim File Tracker UI/AJAX Endpoint) exposes billing claim metadata to authenticated users lacking proper billing permissions prior to version 8.0.0.1 due to missing authorization on the Claim File Tracker endpoint. This is fixed in 8.0.0.1. The vulnerability stems from ACLs not matching...
EUVD-2026-11392
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, the Claim File Tracker feature exposes an AJAX endpoint that returns billing claim metadata claim IDs, payer info, transmission logs. The endpoint does not enforce the same A...
CVE-2026-32122 OpenEMR: Missing Authorization on Claim File Tracker UI and AJAX Endpoint (V2)
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, the Claim File Tracker feature exposes an AJAX endpoint that returns billing claim metadata claim IDs, payer info, transmission logs. The endpoint does not enforce the same A...
OpenEMR 安全漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.1 contained security...
PT-2026-24841
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, the Claim File Tracker feature exposes an AJAX endpoint that returns billing claim metadata claim IDs, payer info, transmission logs. The endpoint does not enforce the same A...
EUVD-2019-2114
Malware in sbrugna...
EUVD-2023-34109
Malicious code in bioql PyPI...
EUVD-2023-23559
Malicious code in bioql PyPI...
EUVD-2023-34142
Malicious code in bioql PyPI...
EUVD-2023-23564
Malicious code in bioql PyPI...
CVE-2023-2678
A vulnerability has been found in SourceCodester File Tracker Manager System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /filemanager/admin/saveuser.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross si...
CVE-2023-2643
A vulnerability classified as critical was found in SourceCodester File Tracker Manager System 1.0. This vulnerability affects unknown code of the file register/updatepassword.php of the component POST Parameter Handler. The manipulation of the argument newpassword leads to sql injection. The...
CVE-2023-1294
A vulnerability was found in SourceCodester File Tracker Manager System 1.0. It has been classified as critical. Affected is an unknown function of the file /filemanager/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. It is...
CVE-2023-1302
A vulnerability, which was classified as problematic, was found in SourceCodester File Tracker Manager System 1.0. This affects an unknown part of the file normal/borrow1.php. The manipulation of the argument id with the input 1" leads to cross site scripting. It is possible to initiate the attac...
File Tracker Manager System Cross-Site Scripting Vulnerability
File Tracker Manager System is a file tracker manager system. File Tracker Manager System v1.0 version of a cross-site scripting vulnerability, the vulnerability stems from the /filemanager/admin/saveuser.php parameter firstname of the user-supplied data lack of effective filtering and escaping, ...
File Tracker Manager System SQL Injection Vulnerability
File Tracker Manager System is a file tracker manager system. File Tracker Manager System v1.0 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameter newpassword in the file register/updatepassword.php against externally entered SQL statements. A...
CVE-2023-2678
A vulnerability has been found in SourceCodester File Tracker Manager System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /filemanager/admin/saveuser.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross si...
CVE-2023-2678
A vulnerability has been found in SourceCodester File Tracker Manager System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /filemanager/admin/saveuser.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross si...
Cross site scripting
A vulnerability has been found in SourceCodester File Tracker Manager System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /filemanager/admin/saveuser.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross si...