Page 17 of 89 results (0.010 seconds)

CVSS: 8.8EPSS: 70%CPEs: 1EXPL: 7

Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory. Subida de archivos sin restricción en interface/super/manage_site_files.php en versiones de OpenEMR anteriores a la 5.0.1.4 permite que un atacante autenticado remoto ejecute código PHP arbitrario subiendo un archivo con una extensión PHP mediante el formulario de subida de imágenes y accediendo a él en el directorio de imágenes. • https://www.exploit-db.com/exploits/49998 https://www.exploit-db.com/exploits/50122 https://github.com/sec-it/exploit-CVE-2018-15139 http://packetstormsecurity.com/files/163110/OpenEMR-5.0.1.3-Shell-Upload.html http://packetstormsecurity.com/files/163482/OpenEMR-5.0.1.3-Shell-Upload.html https://github.com/Hacker5preme/Exploits/tree/main/CVE-2018-15139-Exploit https://github.com/openemr/openemr/pull/1757/commits/c2808a0493243f618bbbb3459af23c7da3dc5485 https://www.databreaches.net/openemr-patche • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability in interface/de_identification_forms/find_drug_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the search_term parameter. Vulnerabilidad de inyección SQL en interface/de_identification_forms/find_drug_popup.php en versiones de OpenEMR anteriores a la 5.0.1.4 permite que un atacante remoto autenticado ejecute comandos SQL mediante el parámetro search_term. • https://github.com/openemr/openemr/pull/1757/files https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to delete arbitrary files via the "docid" parameter when the mode is set to delete. Salto de directorio en portal/import_template.php en versiones de OpenEMR anteriores a la 5.0.1.4 permite que un atacante remoto autenticado en el portal patient borre archivos arbitrarios mediante el parámetro "docid" cuando el modo está configurado en delete. OpenEMR version 5.0.1.3 suffers from arbitrary file read, write, and delete vulnerabilities. • https://www.exploit-db.com/exploits/45202 https://github.com/openemr/openemr/pull/1765/files https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to read arbitrary files via the "docid" parameter when the mode is set to get. Salto de directorio en portal/import_template.php en versiones de OpenEMR anteriores a la 5.0.1.4 permite que un atacante remoto autenticado en el portal patient lea archivos arbitrarios mediante el parámetro "docid" cuando el modo está configurado en get. OpenEMR version 5.0.1.3 suffers from arbitrary file read, write, and delete vulnerabilities. • https://www.exploit-db.com/exploits/45202 https://github.com/openemr/openemr/pull/1765/files https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Multiple SQL injection vulnerabilities in portal/find_appt_popup_user.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the (1) catid or (2) providerid parameter. Múltiples vulnerabilidades de inyección SQL en portal/find_appt_popup_user.php en versiones de OpenEMR anteriores a la 5.0.1.4 permiten que un atacante remoto ejecute comandos SQL mediante los parámetros (1) catid o (2) providerid. • https://github.com/openemr/openemr/pull/1758/files https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •