12 matches found
CVE-2025-12922 OpenClinica Community Edition CRF Data Import ImportCRFData path traversal
A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xmlfile results in path traversal. The attack can be initiated remotely. T...
CVE-2022-24831
OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has...
Sql injection
OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has...
CVE-2022-24831 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in OpenClinica
OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has...
CVE-2022-24831
OpenClinica (EDC/CDM platform) has a SQL injection vulnerability in versions prior to 3.16.1 caused by building SQL via string concatenation instead of prepared statements. Exploitation можно leads to partial confidentiality, integrity, and availability impact as per CVSS data. The issue has been...
CVE-2022-24830
OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known...
Path traversal
OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known...
OpenClinica 路径遍历漏洞
OpenClinica is a commercial open source clinical trial software for electronic data capture EDC and clinical data management CDM. A security vulnerability exists in versions prior to OpenClinica 3.16 that stems from OpenClinica's susceptibility to multiple endpoint path traversals, which can lead...
CVE-2022-24830 Path Traversal in OpenClinica
OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known...
CVE-2022-24830 Path Traversal in OpenClinica
OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known...
CVE-2022-24830 Path Traversal in OpenClinica
OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known...
CVE-2022-24830
OpenClinica is affected prior to version 3.16 by a path traversal vulnerability across multiple endpoints, enabling arbitrary file read/write and potential remote code execution. Root cause is path traversal in affected endpoints. Impact is high, with potential for partial confidentiality/integri...