Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:19 p.m.9 views

CVE-2021-32104

A SQL injection vulnerability exists with user privileges in interface/forms/eyemag/save.php in OpenEMR 5.0.2.1...

8.8CVSS7.9AI score0.01176EPSS
Exploits0References1
NVD
NVD
added 2021/05/07 4:15 a.m.14 views

CVE-2021-32102

A SQL injection vulnerability exists with user privileges in library/customtemplate/ajaxcode.php in OpenEMR 5.0.2.1...

8.8CVSS0.01176EPSS
Exploits0References5
Prion
Prion
added 2021/05/07 4:15 a.m.19 views

Code injection

The Patient Portal of OpenEMR 5.0.2.1 is affected by a incorrect access control system in portal/patient/machineconfig.php. To exploit the vulnerability, an unauthenticated attacker can register an account, bypassing the permission check of this portal's API. Then, the attacker can then manipulat...

6.4CVSS8.1AI score0.01183EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2021/05/07 4:15 a.m.13 views

Sql injection

A SQL injection vulnerability exists with user privileges in library/customtemplate/ajaxcode.php in OpenEMR 5.0.2.1...

6.5CVSS9AI score0.01176EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2021/05/07 3:50 a.m.14 views

CVE-2021-32102

A SQL injection vulnerability exists with user privileges in library/customtemplate/ajaxcode.php in OpenEMR 5.0.2.1...

9.2AI score0.01176EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2021/04/21 12:0 a.m.451 views

OpenEMR 5.0.2.1 Remote Code Execution

Exploit Title: OpenEMR 5.0.2.1 - Remote Code Execution Exploit Author: Hato0, BvThTrd Date: 2020-08-07 Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.2.1/openemr-5.0.2.tar.gz/download Version: 5.0.2.1 without patches...

7.4AI score
Exploits0
Prion
Prion
added 2021/02/07 8:15 p.m.14 views

Command injection

The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in /interface/main/backup.php. To exploit the vulnerability, an authenticated attacker can send a POST request that executes arbitrary OS commands via shell metacharacters...

9CVSS8.9AI score0.64144EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2021/02/07 7:59 p.m.19 views

CVE-2020-36243

The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in /interface/main/backup.php. To exploit the vulnerability, an authenticated attacker can send a POST request that executes arbitrary OS commands via shell metacharacters...

9AI score0.64144EPSS
Exploits1References4
Rows per page
Query Builder