30 matches found
EUVD-2020-26887
Malware in sbrugna...
EUVD-2020-17337
Malware in sbrugna...
EUVD-2020-26890
Malware in sbrugna...
EUVD-2014-7922
Malware in sbrugna...
EUVD-2020-26889
Malware in sbrugna...
EUVD-2022-28581
Malicious code in bioql PyPI...
EUVD-2021-34125
Malicious code in bioql PyPI...
EUVD-2025-6625
Malicious code in bioql PyPI...
EUVD-2021-34126
Malicious code in bioql PyPI...
CVE-2020-5732
In OpenMRS 2.9 and prior, he import functionality of the Data Exchange Module does not properly redirect to a login page when an unauthenticated user attempts to access it. This allows unauthenticated users to use a feature typically restricted to administrators...
CVE-2020-5731
In OpenMRS 2.9 and prior, the app parameter for the ActiveVisit's page is vulnerable to cross-site scripting...
CVE-2020-5730
In OpenMRS 2.9 and prior, the sessionLocation parameter for the login page is vulnerable to cross-site scripting...
CVE-2025-25928
A Cross-Site Request Forgery CSRF in the component /admin/users/user.form of Openmrs 2.4.3 Build 0ff0ed allows attackers to execute arbitrary operations via a crafted request. In this case, an attacker could elevate a low-privileged account to an administrative role by leveraging the CSRF...
CVE-2025-25929
A reflected cross-site scripting XSS vulnerability in the component /legacyui/quickReportServlet of Openmrs 2.4.3 Build 0ff0ed allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload injected into the reportType parameter...
CVE-2025-25925
A stored cross-scripting XSS vulnerability in Openmrs v2.4.3 Build 0ff0ed allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the personName.middleName parameter at /openmrs/admin/patients/shortPatientForm.form...
CVE-2025-25927
A Cross-Site Request Forgery CSRF in Openmrs 2.4.3 Build 0ff0ed allows attackers to execute arbitrary operations via a crafted GET request...
CVE-2025-25928
A Cross-Site Request Forgery CSRF in the component /admin/users/user.form of Openmrs 2.4.3 Build 0ff0ed allows attackers to execute arbitrary operations via a crafted request. In this case, an attacker could elevate a low-privileged account to an administrative role by leveraging the CSRF...
CVE-2025-25929
A reflected cross-site scripting XSS vulnerability in the component /legacyui/quickReportServlet of Openmrs 2.4.3 Build 0ff0ed allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload injected into the reportType parameter...
CVE-2025-25925
A stored cross-scripting XSS vulnerability in Openmrs v2.4.3 Build 0ff0ed allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the personName.middleName parameter at /openmrs/admin/patients/shortPatientForm.form...
CVE-2025-25925
CVE-2025-25925 refers to a stored cross-site scripting (XSS) vulnerability in OpenMRS v2.4.3 Build 0ff0ed. The issue allows attackers to inject arbitrary web scripts or HTML via the personName.middleName field on the page /openmrs/admin/patients/shortPatientForm.form, enabling script execution in...