5 matches found
CVE-2026-25929 OpenEMR Patient Picture Context Allows Arbitrary Patient Photo Retrieval
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the document controller’s patientpicture context serves the patient’s photo by document ID or patient ID without verifying that the current user is authorized to access...
CVE-2025-27092
GHOSTS is an open source user simulation framework for cyber experimentation, simulation, training, and exercise. A path traversal vulnerability was discovered in GHOSTS version 8.0.0.0 that allows an attacker to access files outside of the intended directory through the photo retrieval endpoint...
CVE-2025-27092 Path Traversal Vulnerability in GHOSTS Photo Retrieval Endpoint
GHOSTS is an open source user simulation framework for cyber experimentation, simulation, training, and exercise. A path traversal vulnerability was discovered in GHOSTS version 8.0.0.0 that allows an attacker to access files outside of the intended directory through the photo retrieval endpoint...
CVE-2025-27092 Path Traversal Vulnerability in GHOSTS Photo Retrieval Endpoint
GHOSTS is an open source user simulation framework for cyber experimentation, simulation, training, and exercise. A path traversal vulnerability was discovered in GHOSTS version 8.0.0.0 that allows an attacker to access files outside of the intended directory through the photo retrieval endpoint...
GHOSTS 路径遍历漏洞
GHOSTS is an open source realistic user simulation framework for network experiments, simulations, training and exercises from the Software Engineering Institute. A path traversal vulnerability exists in GHOSTS versions 8.0.0.0 through prior to 8.2.7.90, which stems from the presence of a path...