71 matches found
EUVD-2020-5814
Malware in sbrugna...
EUVD-2020-5812
Malware in sbrugna...
EUVD-2020-5813
Malware in sbrugna...
EUVD-2020-5815
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-13565
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An open redirect vulnerability exists in the returnpage redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 commit...
Linux Distros Unpatched Vulnerability : CVE-2020-13566
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to...
Linux Distros Unpatched Vulnerability : CVE-2020-13568
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability exists in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigg...
The vulnerability of the phpgacl/assign_group.tpl template in the PHP library for managing access in web applications of the phpGACL system for managing medical documentation in OpenEMR, allowing attackers to perform cross-site scripting attacks.
The vulnerability of the phpgacl/assigngroup.tpl template in the PHP library for managing access in web applications is related to the lack of protective measures taken when processing the groupid template parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site...
The vulnerability of the phpgacl/acl_admin.tpl template in the PHP library for managing access in web applications. This is part of the phpGACL system used for managing medical documentation in OpenEMR. It allows attackers to perform cross-site scripting attacks.
The vulnerability of the phpgacl/acladmin.tpl PHP template used in the phpGACL access control library for web applications in the OpenEMR medical documentation system is related to the lack of protection for the website structure when processing the aclid template parameter. Exploiting this...
CVE-2020-13564
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template aclid parameter...
CVE-2020-13568
SQL injection vulnerability exists in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability in admin/editgroup.php, when the POST parameter action is “Submit”, the POST parameter parentid leads to a SQL...
CVE-2020-13562
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnaerability in the phpGACL template action parameter...
CVE-2020-13566
SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability In admin/editgroup.php, when the POST parameter action is “Delete”, the POST parameter deletegroup leads to a SQL...
CVE-2020-13563
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template groupid parameter...
CVE-2020-13567
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2020-13567
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability...
Sql injection
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2020-13567
CVE-2020-13567 concerns the phpGACL 3.3.7 library, which contains multiple SQL injection vulnerabilities. The flaws arise from unsanitized input being concatenated into SQL queries across the code paths in phpGACL (notably in admin/edit_group.php and related group handling functions), enabling at...
CVE-2020-13567
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2020-13567
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability...