OpenEMR 3.2.x Virtual Appl. - SQL Injection Vulnerabilities

2011-07-27T00:00:00
ID VULNERLAB:116
Type vulnerlab
Reporter Vulnerability Research Laboratory
Modified 2011-07-27T00:00:00

Description

Multiple SQL Injection Vulnerabilities are detected on different modules of the web-application. Attackers can compromise the application by injection own statements over not secure parsed modules.

Vulnerable Module(s):

        [+] Add/Edit Events
        [+] Immunizations - Patiens_File
        [+] Demographics
        [+] Calender ID
        [+] AddUrlShield