8.3CVSS
8.2AI Score
0.002EPSS
Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to...
8.8CVSS
8.7AI Score
0.001EPSS
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to...
8.8CVSS
5AI Score
0.002EPSS
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to...
8.8CVSS
5.5AI Score
0.002EPSS
8.1CVSS
7AI Score
0.007EPSS
5.4CVSS
5.9AI Score
0.006EPSS
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to...
4.8CVSS
4.9AI Score
0.016EPSS
8.1CVSS
8.1AI Score
0.006EPSS
8.8CVSS
6.7AI Score
0.002EPSS
8.1CVSS
7AI Score
0.005EPSS
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to...
6.1CVSS
6.4AI Score
0.005EPSS
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to...
6.1CVSS
6.3AI Score
0.005EPSS
5.4CVSS
5.2AI Score
0.008EPSS
4.3CVSS
5AI Score
0.004EPSS
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to...
4.8CVSS
5.6AI Score
0.021EPSS
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to...
4.8CVSS
4.9AI Score
0.008EPSS
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to...
6.1CVSS
6.2AI Score
0.005EPSS
8.1CVSS
8.1AI Score
0.002EPSS
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to...
6.1CVSS
6.2AI Score
0.005EPSS
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to...
6.1CVSS
6.2AI Score
0.005EPSS
7.5CVSS
7.7AI Score
0.002EPSS
Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior to...
5.4CVSS
5.5AI Score
0.001EPSS
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to...
6.5CVSS
6.4AI Score
0.002EPSS
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to...
6.1CVSS
6AI Score
0.002EPSS
5.4CVSS
5.3AI Score
0.004EPSS
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to...
6.1CVSS
6AI Score
0.002EPSS
Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to...
8.1CVSS
8AI Score
0.002EPSS
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to...
5.4CVSS
5.6AI Score
0.016EPSS
Non Privilege User can Enable or Disable Registered in GitHub repository openemr/openemr prior to...
6.5CVSS
6.8AI Score
0.002EPSS
Stored XSS Leads To Session Hijacking in GitHub repository openemr/openemr prior to...
5.4CVSS
5.6AI Score
0.016EPSS
Non-Privilege User Can View Patient’s Disclosures in GitHub repository openemr/openemr prior to...
8.3CVSS
8.3AI Score
0.002EPSS
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this...
9.8CVSS
9.9AI Score
0.005EPSS
Non-Privilege User Can Created New Rule and Lead to Stored Cross Site Scripting in GitHub repository openemr/openemr prior to...
5.4CVSS
5.3AI Score
0.051EPSS
3.5CVSS
4AI Score
0.003EPSS
5.4CVSS
5.2AI Score
0.051EPSS
5.4CVSS
5.2AI Score
0.051EPSS
Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr prior to...
4.3CVSS
4.6AI Score
0.003EPSS
interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file...
7.4AI Score
0.026EPSS
Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in...
6.5AI Score
0.727EPSS
Variable overwrite vulnerability in interface/globals.php in OpenEMR 2.8.2 and earlier allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as conduct (a) remote file inclusion attacks via the srcdir parameter in custom/import_xml.php or.....
5.8AI Score
0.011EPSS
PHP remote file inclusion vulnerability in library/translation.inc.php in OpenEMR 2.8.1, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[srcdir]...
7.9AI Score
0.058EPSS
Multiple PHP remote file inclusion vulnerabilities in OpenEMR 2.8.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the srcdir parameter to (a) billing_process.php, (b) billing_report.php, (c) billing_report_xml.php, and (d)...
8AI Score
0.058EPSS
PHP remote file inclusion vulnerability in contrib/forms/evaluation/C_FormEvaluation.class.php in OpenEMR 2.8.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[fileroot]...
7.5AI Score
0.054EPSS