2 matches found
CVE-2021-37364
OpenClinic GA 5.194.18 is affected by Insecure Permissions. By default the Authenticated Users group has modify permission to openclinic folders/files, enabling a low-privilege account to rename binaries (mysqld.exe or tomcat8.exe) in bin folders and substitute a malicious file that connects back...
OpenClinic GA 5.194.18 - Local Privilege Escalation
Exploit Title: OpenClinic GA 5.194.18 - Local Privilege Escalation Date: 2021-07-24 Author: Alessandro Salzano Vendor Homepage: https://sourceforge.net/projects/open-clinic/ Software Homepage: https://sourceforge.net/projects/open-clinic/ Software Link:...