CVE-2026-33931

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the patient portal payment page allows any authenticated portal patient to access other patients' payment...

CVE-2026-33931 OpenEMR has IDOR in Portal Payment Page that Allows Cross-Patient Record Access

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the patient portal payment page allows any authenticated portal patient to access other patients' payment...

CVE-2026-33931

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the patient portal payment page allows any authenticated portal patient to access other patients' payment...

CVE-2026-33931 OpenEMR has IDOR in Portal Payment Page that Allows Cross-Patient Record Access

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the patient portal payment page allows any authenticated portal patient to access other patients' payment...

CVE-2026-33931

Vulnerability summary (CVE-2026-33931) : OpenEMR prior to version 8.0.0.3 contains an insecure direct object reference (IDOR) in the patient portal payment page. By manipulating the recid parameter in portal/portal_payment.php, any authenticated portal patient could access other patients’ payment...

EUVD-2019-9230

Malware in sbrugna...

SQL Injection Vulnerability in Multiple Parameters of Multiple Files of Dahua Alarm Operation and Management Platform Devices

Dahua Alarm Center Management Platform is a comprehensive system solution centered on alarm reception and processing. Dahua alarm operation and management platform equipment attachmentclearTempFile.action file of bean.recId parameter, attachmentgetAttList.action file of bean.recId parameter,...

Wordpress Simple Ads Manager Plugin - Multiple SQL Injection Vulnerability

Exploit for php platform in category web applications Vulnerability title: Wordpress plugin Simple Ads Manager - SQL Injection Product: Wordpress plugin Simple Ads Manager Vendor: https://profiles.wordpress.org/minimus/ Affected version: Simple Ads Manager 2.5.94 and 2.5.96 Download link:...

Vpersian CMS SQL Injection Vulnerability

Remote SQL injection vulnerabilities in vperisan cms . Exploit Title : Vpersian CMS SQL Injection and Authentication bypass Author : Abolfazl74 Home page Link : http://vpersian.net Date : 03/02/2015 Version: All versions Google dork: intext:"VPersian CMS" email : email protected // Vulnerability...

SebracCMS 0.4 - Multiple SQL Injections

Name: SebracCMS Webiste: http://www.sebrac.netsons.org/cms/ Vulnerability type: SQL Injection Author: shinmai, 2008-06-28 Description: SebracCMS contains two major SQL injection vulnerabilities: Unsanitazed POST-variables in SQL queries when logging users in. This allows login access without prop...

CVE-2007-1616

SQL injection vulnerability in index.php in ScriptMagix Lyrics 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the recid parameter...

ScriptMagix Lyrics <= 2.0 (index.php recid) SQL Injection Exploit

No description provided by source. !/usr/bin/perl Script Name: ScriptMagix Lyrics = 2.0 index.php recid Remote Blind SQL Injection Exploit Coded by : ajann Author : ajann Contact : : S.Page : http://www.scriptmagix.com $$ : 35$ .. : ajann,Turkey use IO::Socket; if@ARGV 1 print "...

ScriptMagix Lyrics 2.0 - 'index.php?recid' SQL Injection

!/usr/bin/perl Script Name: ScriptMagix Lyrics : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; $target =...