10 matches found
CVE-2020-19364
OpenEMR 5.0.1 allows an authenticated attacker to upload and execute malicious PHP scripts through /controller.php...
Design/Logic Flaw
OpenEMR 5.0.1 allows an authenticated attacker to upload and execute malicious PHP scripts through /controller.php...
CVE-2020-19364
OpenEMR 5.0.1 allows an authenticated attacker to upload and execute malicious PHP scripts through /controller.php...
CVE-2019-3966
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the foreignid parameter. This could allow an attacker to execute arbitrary code in the context of a user's session...
CVE-2019-3964
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the docid parameter. This could allow an attacker to execute arbitrary code in the context of a user's session...
CVE-2019-3963
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the patientid parameter. This could allow an attacker to execute arbitrary code in the context of a user's session...
CVE-2019-3964
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the docid parameter. This could allow an attacker to execute arbitrary code in the context of a user's session...
CVE-2019-3966
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the foreignid parameter. This could allow an attacker to execute arbitrary code in the context of a user's session...
CVE-2019-3965
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the documentid parameter. This could allow an attacker to execute arbitrary code in the context of a user's session...
OpenEMR Elevation of Privilege Vulnerability
OpenEMR is an open source medical management system maintained by the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. An elevation of privilege vulnerability exists in OpenEMR 5.0.1-dev and...