CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39375
https://notcve.org/view.php?id=CVE-2021-39375
24 Aug 2021 — Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter. Philips Healthcare Tasy Electronic Medical Record (EMR) versión 3.06, permite una inyección SQL por medio del parámetro WAdvancedFilter/getDimensionItemsByCode FilterValue. • https://diesec.home.blog/2021/08/24/philips-tasy-emr-3-06-sql-injection-cve-2021-39375cve-2021-39376 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39376
https://notcve.org/view.php?id=CVE-2021-39376
24 Aug 2021 — Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the CorCad_F2/executaConsultaEspecifico IE_CORPO_ASSIST or CD_USUARIO_CONVENIO parameter. Philips Healthcare Tasy Electronic Medical Record (EMR) versión 3.06, permite una inyección SQL por medio del parámetro CorCad_F2/executaConsultaEspecifico IE_CORPO_ASSIST o CD_USUARIO_CONVENIO. • https://diesec.home.blog/2021/08/24/philips-tasy-emr-3-06-sql-injection-cve-2021-39375cve-2021-39376 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •