4 matches found
OpenEMR 5.0.0 - Remote Code Execution (Authenticated)
Exploit Title: OpenEMR 5.0.0 - Remote Code Execution Authenticated Date 10.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.0/openemr-5.0.0.zip/download Version: 5.0.0 Teste...
EulerOS 2.0 SP2 : libarchive (EulerOS-SA-2019-1725)
According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - OpenEMR version 5.0.0 contains a Cross Site Scripting XSS vulnerability in open-flash-chart.swf and posteddata.php that can result in . This...
CVE-2018-1000019
OpenEMR version 5.0.0 contains a OS Command Injection vulnerability in faxdispatch.php that can result in OS command injection by an authenticated attacker with any role. This vulnerability appears to have been fixed in 5.0.0 Patch 2 or higher...
CVE-2017-12064
The csvloghtml function in library/edihistory/edihcsvinc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name...