Openclinic Ga@5.247.01 Security Vulnerabilities and Issues — Openclinic Ga@5.247.01 CVE List

Lucene search

Openclinic Ga ProjectOpenclinic Ga5.247.01

6 matches found

CVE•added 2024/03/19 1:15 p.m.•62 views

CVE-2023-40279

An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to main.do.

7.5CVSS6.7AI score0.10563EPSS

CVE•added 2024/03/19 12:15 p.m.•54 views

CVE-2023-40278

An issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. By changing the AppointmentUid parameter, an attacker can determine whether a specific appointment exists based on the error mess...

7.5CVSS6.5AI score0.04285EPSS

CVE•added 2024/03/19 1:15 a.m.•40 views

CVE-2023-40277

An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting (XSS) vulnerability has been discovered in the login.jsp message parameter.

6.1CVSS5.8AI score0.0022EPSS

CVE•added 2024/03/19 1:15 a.m.•32 views

CVE-2023-40280

An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp.

7.5CVSS6.8AI score0.00815EPSS

CVE•added 2024/03/19 1:15 a.m.•31 views

CVE-2023-40275

An issue was discovered in OpenClinic GA 5.247.01. It allows retrieval of patient lists via queries such as findFirstname= to _common/search/searchByAjax/patientslistShow.jsp.

9.1CVSS6.8AI score0.00257EPSS

CVE•added 2024/03/19 1:15 a.m.•31 views

CVE-2023-40276

An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability has been discovered in pharmacy/exportFile.jsp.

9.1CVSS6.8AI score0.0049EPSS