5 matches found
EUVD-2020-6623
Malware in sbrugna...
CVE-2020-14487
OpenClinic GA 5.09.02 contains a hidden default user account that may be accessed if an administrator has not expressly turned off this account, which may allow an attacker to login and execute arbitrary commands...
Command injection
A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands...
CVE-2020-14493 OpenClinic GA
A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands...
CVE-2020-14490
OpenClinic GA versions 5.09.02 and 5.89.05b contain a path traversal vulnerability (CWE-22) that allows arbitrary local files to be specified via parameters and may execute uploaded files, risking disclosure of sensitive data and code execution. The issue corresponds to CVE-2020-14490; root cause...