Openemr Security Vulnerabilities and Issues — Openemr CVE List

Lucene search

Open-emrOpenemr

5 matches found

CVE•added 2019/10/04 7:15 p.m.•162 views

CVE-2019-17179

4.1.0, 4.1.1, 4.1.2, 4.1.2.3, 4.1.2.6, 4.1.2.7, 4.2.0, 4.2.1, 4.2.2, 5.0.0, 5.0.0.5, 5.0.0.6, 5.0.1, 5.0.1.1, 5.0.1.2, 5.0.1.3, 5.0.1.4, 5.0.1.5, 5.0.1.6, 5.0.1.7, 5.0.2, fixed in version 5.0.2.1

6.1CVSS6.5AI score0.02086EPSS

CVE•added 2019/10/05 7:15 p.m.•118 views

CVE-2019-17197

OpenEMR through 5.0.2 has SQL Injection in the Lifestyle demographic filter criteria in library/clinical_rules.php that affects library/patient.inc.

9.8CVSS9.9AI score0.00008EPSS

CVE•added 2019/10/21 11:15 p.m.•91 views

CVE-2019-16404

Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the openemr database via a non-parameterized INSERT INTO statement, as demonstrated by the providerID parameter.

8.8CVSS8.9AI score0.00013EPSS

CVE•added 2019/10/21 1:15 a.m.•91 views

CVE-2019-16862

Reflected XSS in interface/forms/eye_mag/view.php in OpenEMR 5.x before 5.0.2.1 allows a remote attacker to execute arbitrary code in the context of a user's session via the pid parameter.

6.1CVSS6.7AI score0.06297EPSS

CVE•added 2019/10/21 1:15 a.m.•83 views

CVE-2019-17409

Reflected XSS exists in interface/forms/eye_mag/view.php in OpenEMR 5.x before 5.0.2.1 ia the id parameter.

6.1CVSS6.2AI score0.01938EPSS