CVE-2026-34055 OpenEMR has IDOR in Patient Notes Web UI allows unauthorized note access/modification

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the legacy patient notes functions in library/pnotes.inc.php perform updates and deletes using WHERE id = ? without verifying that the note belongs to a patient the...

EUVD-2020-15480

Malware in sbrugna...

Unrestricted file upload

A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET v3.8.1.2 allows a local attacker to execute arbitrary code via the Miscellaneous " External Programs by uploading the malicious .exe file to the external program...

CVE-2020-22721

A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET v3.8.1.2 allows a local attacker to execute arbitrary code via the Miscellaneous " External Programs by uploading the malicious .exe file to the external program...

CVE-2020-22721

CVE-2020-22721 affects PNotes.NET v3.8.1.2. The vulnerability is a local file upload issue in the “External Programs” feature that allows a local attacker to craft and upload a malicious .exe, enabling arbitrary code execution on the host. The available connected documents reiterate the issue but...