63 matches found
EUVD-2020-20865
Malware in sbrugna...
EUVD-2020-20864
Malware in sbrugna...
EUVD-2020-20862
Malware in sbrugna...
EUVD-2020-20863
Malware in sbrugna...
EUVD-2020-20860
Malware in sbrugna...
EUVD-2020-20861
Malware in sbrugna...
CVE-2020-28406
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access details about jobs he should not have access to via the Audit Trail Feature...
CVE-2020-28402
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access Launcher Configuration Panel...
CVE-2020-28401
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access WIP details about jobs he should not have access to...
CVE-2020-28404
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access the Billing page without the appropriate privileges...
CVE-2025-3708
Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-3708 Le-show Medical Practice Management System - SQL Injection
Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
PT-2025-18747 · Le Yan · Le-Show Medical Practice Management System
Name of the Vulnerable Software and Affected Versions: Le-show medical practice management system affected versions not specified Description: The Le-show medical practice management system from Le-yan has a SQL Injection vulnerability. This allows unauthenticated remote attackers to inject...
CVE-2020-28405
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to change the privileges of any user of the application. This can be used to grant himself the administrative role or remove all administrative accounts of the...
CVE-2020-28403
A Cross-Site Request Forgery CSRF vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an attacker to change the privileges of any user of the application. This can be used to grant himself administrative role or remove the administrative account of the application...
PT-2023-26914 · Unknown · Pms Module
Name of the Vulnerable Software and Affected Versions: PMS module affected versions not specified Description: The issue is related to the PMS module, where input parameters are not strictly verified. This can cause newly installed apps to fail to restart if the vulnerability is successfully...
Arbitrary File Deletion Vulnerability in OpenEMR
OpenEMR is the open source electronic health record and medical practice management solution. OpenEMR suffers from an arbitrary file deletion vulnerability that can be exploited by an attacker to delete arbitrary files...
OpenEMR Cross-Site Scripting Vulnerability (CNVD-2021-22944)
OpenEMR is a medical practice management software that also supports electronic medical records EMR. A stored cross-site scripting vulnerability exists in OpenEMR version 2.7.3-rc1 - 6.0.0. The vulnerability stems from the Allergies section not properly validating user input. An attacker can...
OpenEMR Improper Access Control Vulnerability
OpenEMR is a medical practice management software that also supports electronic medical records EMR. OpenEMR version 2.7.2-rc1 - 6.0.0 suffers from an improper access control vulnerability when creating a new user. An attacker could exploit the vulnerability to obtain sensitive information...
OpenEMR SQL Injection Vulnerability (CNVD-2021-12109)
OpenEMR is a medical practice management software that also supports electronic medical records EMR. A SQL injection vulnerability exists in interface/reports/immunizationreport.php in OpenEMR versions prior to 5.0.2.5. A remote authenticated attacker can exploit this vulnerability to execute...