6 matches found
EUVD-2026-35842
OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embedding malicious payloads in DICOM file metadata fields. Attackers can craft a DICOM file with...
PT-2026-48279
OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embedding malicious payloads in DICOM file metadata fields. Attackers can craft a DICOM file with...
CVE-2023-40280
An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp...
CVE-2023-40280
An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp...
CVE-2023-40280
OpenClinic GA 5.247.01 is affected by CVE-2023-40280 due to a directory path traversal via the Page parameter in a GET request to popup.jsp. The issue is described consistently across sources (NVD/Red Hat/CNNVD/CVE List), with an attack vector described as network-accessible and a high impact in ...
PT-2024-12883 · Unknown · Openclinic Ga
Name of the Vulnerable Software and Affected Versions: OpenClinic GA version 5.247.01 Description: An issue was discovered in OpenClinic GA, allowing an attacker to perform a directory path traversal via the Page parameter in a GET request to "popup.jsp". Recommendations: For OpenClinic GA versio...