Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
LibrehealthLibrehealth Ehr2.0.0

5 matches found

CVE
CVEadded 2020/07/15 8:15 p.m.35 views

CVE-2020-11436

LibreHealth EMR v2.0.0 is vulnerable to XSS that results in the ability to force arbitrary actions on behalf of other users including administrators.

9CVSS8.7AI score0.00737EPSS
CVE
CVEadded 2020/07/15 8:15 p.m.35 views

CVE-2020-11437

LibreHealth EMR v2.0.0 is affected by SQL injection allowing low-privilege authenticated users to enumerate the database.

4.3CVSS5.2AI score0.00378EPSS
CVE
CVEadded 2020/07/15 8:15 p.m.30 views

CVE-2020-11438

LibreHealth EMR v2.0.0 is affected by systemic CSRF.

8.8CVSS8.7AI score0.002EPSS
CVE
CVEadded 2020/09/01 5:15 p.m.29 views

CVE-2020-23829

interface/new/new_comprehensive_save.php in LibreHealth EHR 2.0.0 suffers from an authenticated file upload vulnerability, allowing remote attackers to achieve remote code execution (RCE) on the hosting webserver by uploading a maliciously crafted image.

8.8CVSS8.9AI score0.02533EPSS
CVE
CVEadded 2020/07/15 8:15 p.m.27 views

CVE-2020-11439

LibreHealth EMR v2.0.0 is affected by a Local File Inclusion issue allowing arbitrary PHP to be included and executed within the EMR application.

9CVSS8.7AI score0.00757EPSS