EUVD-2018-17320

Malware in sbrugna...

The vulnerability of the executable file DTISQLInstaller.exe of the software package for interacting with QuicDoc and Office Therapy clients allows a perpetrator to gain access to the software.

The vulnerability of the DTISQLInstaller.exe executable file of the software package for interacting with QuicDoc and Office Therapy clients is related to the use of pre-installed user accounts. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to the softwar...

Unspecified Vulnerability in DocuTrac QuicDoc and Office Therapy DTISQLInstaller.exe

DocuTrac QuicDoc and Office Therapy are both products of DocuTrac, Inc.DocuTrac QuicDoc is a behavioral health management software for healthcare teams.Office Therapy is an office practice management system.DTISQLInstaller.exe is one of the DTISQLInstaller.exe is one of the executable programs. A...

DocuTrac QuicDoc and Office Therapy DTISQLInstaller.exe Information Disclosure Vulnerability

DocuTrac QuicDoc and Office Therapy are both products of DocuTrac, Inc.DocuTrac QuicDoc is a behavioral health management software for healthcare teams.Office Therapy is an office practice management system.DTISQLInstaller.exe is one of the DTISQLInstaller.exe is one of the executable programs. A...

CVE-2018-5551

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa...

CVE-2018-5551

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa...

CVE-2018-5552

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper"...

Code injection

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa...

CVE-2018-5552

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper"...

Hardcoded credentials

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper"...

CVE-2018-5552

CVE-2018-5552 affects DocuTrac QuicDoc and Office Therapy installers (DTISQLInstaller.exe, v1.6.4.0 and earlier). The root cause, per connected sources, is a hard-coded cryptographic salt named “S@l+&pepper” embedded in the installer. The documents do not specify the exact impact, attack vectors,...

CVE-2018-5551 DocuTrac DTISQLInstaller.exe Hard-Coded Credentials

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa...

CVE-2018-5551

CVE-2018-5551 affects DocuTrac QuicDoc and Office Therapy when DTISQLInstaller.exe (bundled version ≤ 1.6.4.0) contains hard-coded credentials (QDMaster, OTMaster, sa). CNVD analyses indicate at least three hard-coded credentials and a hard-coded salt in the same installer, enabling potential una...

CVE-2018-5552 DocuTrac DTISQLInstaller.exe Hard-Coded Salt

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper"...