20 matches found
EUVD-2022-52953
Malicious code in bioql PyPI...
EUVD-2022-52952
Malicious code in bioql PyPI...
The vulnerability of the phpgacl/acl_admin.tpl template in the PHP library for managing access in web applications. This is part of the phpGACL system used for managing medical documentation in OpenEMR. It allows attackers to perform cross-site scripting attacks.
The vulnerability of the phpgacl/acladmin.tpl template in the PHP library for managing access in web applications is related to the lack of protective measures taken when processing the action template parameters. Exploiting this vulnerability allows a remote attacker to perform cross-site...
CVE-2022-31495
LibreHealth EHR Base 2.0.0 allows gacl/admin/acladmin.php returnpage XSS...
CVE-2022-31495
LibreHealth EHR Base 2.0.0 allows gacl/admin/acladmin.php returnpage XSS...
Cross site scripting
LibreHealth EHR Base 2.0.0 allows gacl/admin/acladmin.php returnpage XSS...
CVE-2022-31494
LibreHealth EHR Base 2.0.0 allows gacl/admin/acladmin.php action XSS...
Cross site scripting
LibreHealth EHR Base 2.0.0 allows gacl/admin/acladmin.php action XSS...
CVE-2022-31494
LibreHealth EHR Base 2.0.0 allows gacl/admin/acladmin.php action XSS...
CVE-2022-31493
LibreHealth EHR Base 2.0.0 allows gacl/admin/acladmin.php aclid XSS...
CVE-2022-31493
LibreHealth EHR Base 2.0.0 allows gacl/admin/acladmin.php aclid XSS...
PT-2021-9639 · Phpgacl +1 · Phpgacl +1
Name of the Vulnerable Software and Affected Versions: phpGACL version 3.3.7 OpenEMR version 5.0.2 OpenEMR development version 6.0.0 commit babec93f600ff1394f91ccd512bcad85832eb6ce Description: An open redirect issue exists in the return page redirection functionality. A specially crafted HTTP...
CVE-2020-13569
A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 commit babec93f600ff1394f91ccd512bcad85832eb6ce. A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker ca...
CVE-2020-13569
A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 commit babec93f600ff1394f91ccd512bcad85832eb6ce. A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker ca...
Cross site request forgery (csrf)
A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 commit babec93f600ff1394f91ccd512bcad85832eb6ce. A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker ca...
CVE-2020-13569
CVE-2020-13569 affects OpenEMR’s GACL module. Multiple connected sources confirm a cross-site request forgery vulnerability in OpenEMR 5.0.2 and the development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce) that allows an attacker to trigger arbitrary requests in the victim’s co...
CVE-2020-13569
A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 commit babec93f600ff1394f91ccd512bcad85832eb6ce. A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker ca...
PT-2021-9642 · Openemr · Openemr
Name of the Vulnerable Software and Affected Versions: OpenEMR versions 5.0.2 through 6.0.0 Description: A cross-site request forgery issue exists in the GACL functionality. This allows an attacker to send a specially crafted HTTP request, leading to the execution of arbitrary requests in the...
OpenEMR GACL cross-site request forgery vulnerability
Summary A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 commit babec93f600ff1394f91ccd512bcad85832eb6ce. A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An...
OpenEMR 2.8.1 - srcdir Multiple Remote File Inclusions
OpenEMR 2.8.1 - srcdir Multiple Remote File Inclusions \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV60$2006 ----------------------------------------------------------------------------------------------- ECHOADV60$2006 OpenEMR =2.8.1 Multiple Remote File...