8 matches found
CVE-2020-24621
A remote code execution RCE vulnerability was discovered in the htmlformentry aka HTML Form Entry module before 3.11.0 for OpenMRS. By leveraging path traversal, a malicious Velocity Template Language file could be written to a directory. This file could then be accessed and executed...
CVE-2020-24621
A remote code execution RCE vulnerability was discovered in the htmlformentry aka HTML Form Entry module before 3.11.0 for OpenMRS. By leveraging path traversal, a malicious Velocity Template Language file could be written to a directory. This file could then be accessed and executed...
CVE-2020-24621
The CVE concerns OpenMRS htmlformentry module prior to version 3.11.0. A path traversal flaw could allow writing a malicious Velocity Template Language file to a directory, which could then be accessed and executed, enabling remote code execution. Affected component: htmlformentry module in OpenM...
CVE-2020-24621
A remote code execution RCE vulnerability was discovered in the htmlformentry aka HTML Form Entry module before 3.11.0 for OpenMRS. By leveraging path traversal, a malicious Velocity Template Language file could be written to a directory. This file could then be accessed and executed...
CVE-2017-12795
OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: Improper Input Validation...
Input validation
OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: Improper Input Validation...
CVE-2017-12795
OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: Improper Input Validation...
CVE-2017-12795
CVE-2017-12795 affects OpenMRS OpenMRS module-htmlformentry 3.3.2 with an improper input validation vulnerability. Root cause and exact vulnerable component are not elaborated beyond the module name; impact is described generally as a validation error, with CVSS indicating high to critical severi...