6 matches found

NVD
added 2026/03/02 1:16 p.m., 4 views

CVE-2026-3432

In SimStudio versions below 0.5.74, the /api/auth/oauth/token endpoint contains a code path that bypasses all authorization checks when provided with credentialAccountUserId and providerId parameters. An unauthenticated attacker can retrieve OAuth access tokens for any user by supplying their...

9.3 CVSS, 0.0014 EPSS
Exploits: 0, References: 1
Veracode
added 2024/07/24 5:50 a.m., 11 views

Unauthorized Access

alextselegidis/easyappointments is vulnerable to Unauthorized Access. The vulnerability is due to insufficient access controls in the GET, PUT, DELETE /providers/providerId endpoints, allowing a low privileged user to fetch, modify, or delete a privileged user's data...

9.9 CVSS, 6.6 AI score, 0.00223 EPSS
Exploits: 0, References: 2, Affected Software: 1
Huntr
added 2023/03/30 11:18 p.m., 20 views

Reflected XSS in interface/forms/eye_mag/js/eye_base.php

Description: There exists a reflected XSS in /interface/forms/eyemag/js/eyebase.php in the 'providerID' parameter. Proof of Concept: http://openemr.local/interface/forms/eyemag/js/eyebase.php?providerID=%3Cimg%20src=x%20onerror=alert1;%3E Fix: properly sanitize the providerID parameter...

5.8 CVSS, 6.3 AI score, 0.86432 EPSS
Exploits: 1
HackerOne
added 2021/02/04 4:40 p.m., 15 views

Kubernetes: Node Validation Admission does not observe all oldObject fields

Summary: The Validating Admission webhook for Node Objects is passing oldObject fields incorrectly on AdmissionReview.Request. It was identified initially in metadata.labels, but a list of impacted fields follows below: oldNode.Spec.PodCIDRs, oldNode.Spec.ProviderID, oldNode.Spec.ConfigSource...

0.1 AI score
Exploits: 0
Prion
added 2019/10/21 11:15 p.m., 14 views

SQL injection

Authenticated SQL Injection in interface/forms/eyemag/js/eyebase.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the openemr database via a non-parameterized INSERT INTO statement, as demonstrated by the providerID parameter...

6.5 CVSS, 8.9 AI score, 0.00012 EPSS
Exploits: 1, References: 1, Affected Software: 1
CNVD
added 2018/08/14 12:0 a.m., 1 view

OpenEMR SQL Injection Vulnerability (CNVD-2018-17436)

OpenEMR is an open source medical management system maintained by the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. Multiple SQL injection vulnerabilities exist in the...

9.8 CVSS, 10 AI score, 0.00017 EPSS
Exploits: 1, References: 1