Open-emr : Security Vulnerabilities, CVEs,
Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior to 7.0.0.1.
Max CVSS
10.0
EPSS Score
0.14%
Published
2022-08-09
Updated
2022-08-12
Multiple SQL injection vulnerabilities in portal/find_appt_popup_user.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the (1) catid or (2) providerid parameter.
Max CVSS
9.8
EPSS Score
0.18%
Published
2018-08-13
Updated
2018-10-10
Multiple SQL injection vulnerabilities in portal/add_edit_event_user.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the (1) eid, (2) userid, or (3) pid parameter.
Max CVSS
9.8
EPSS Score
0.18%
Published
2018-08-13
Updated
2018-10-10
CVE-2018-17179
Public exploit
An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the make_task function in /interface/forms/eye_mag/php/taskman_functions.php via /interface/forms/eye_mag/taskman.php.
Max CVSS
9.8
EPSS Score
1.03%
Published
2019-05-17
Updated
2019-05-20
An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit function in /portal/lib/paylib.php and the portalAudit function in /portal/lib/appsql.class.php.
Max CVSS
9.8
EPSS Score
0.18%
Published
2019-05-17
Updated
2019-05-20
OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php.
Max CVSS
9.8
EPSS Score
0.17%
Published
2019-08-02
Updated
2023-03-03
OpenEMR through 5.0.2 has SQL Injection in the Lifestyle demographic filter criteria in library/clinical_rules.php that affects library/patient.inc.
Max CVSS
9.8
EPSS Score
0.22%
Published
2019-10-05
Updated
2019-10-08
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
Max CVSS
9.8
EPSS Score
0.47%
Published
2022-04-18
Updated
2022-04-26
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnaerability in the phpGACL template action parameter.
Max CVSS
9.6
EPSS Score
24.40%
Published
2021-02-01
Updated
2022-06-29
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template group_id parameter.
Max CVSS
9.6
EPSS Score
4.10%
Published
2021-02-01
Updated
2022-07-29
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template acl_id parameter.
Max CVSS
9.6
EPSS Score
4.10%
Published
2021-02-01
Updated
2022-07-29
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1.
Max CVSS
9.6
EPSS Score
0.14%
Published
2022-08-09
Updated
2022-08-12
Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker to access (1) portal/add_edit_event_user.php, (2) portal/find_appt_popup_user.php, (3) portal/get_allergies.php, (4) portal/get_amendments.php, (5) portal/get_lab_results.php, (6) portal/get_medications.php, (7) portal/get_patient_documents.php, (8) portal/get_problems.php, (9) portal/get_profile.php, (10) portal/portal_payment.php, (11) portal/messaging/messages.php, (12) portal/messaging/secure_chat.php, (13) portal/report/pat_ledger.php, (14) portal/report/portal_custom_report.php, or (15) portal/report/portal_patient_report.php without authenticating as a patient.
Max CVSS
9.1
EPSS Score
4.20%
Published
2018-08-15
Updated
2022-02-10
OpenEMR version 5.0.0 contains a OS Command Injection vulnerability in fax_dispatch.php that can result in OS command injection by an authenticated attacker with any role. This vulnerability appears to have been fixed in 5.0.0 Patch 2 or higher.
Max CVSS
9.0
EPSS Score
0.14%
Published
2018-02-09
Updated
2018-03-01
In OpenEMR 5.0.1 and earlier, an authenticated attacker can execute arbitrary commands on the host system via the Scanned Forms interface when creating a new form.
Max CVSS
9.0
EPSS Score
76.79%
Published
2019-08-20
Updated
2020-08-24
OpenEMR v5.0.1-6 allows code execution.
Max CVSS
9.0
EPSS Score
0.39%
Published
2019-09-16
Updated
2021-07-21
The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in /interface/main/backup.php. To exploit the vulnerability, an authenticated attacker can send a POST request that executes arbitrary OS commands via shell metacharacters.
Max CVSS
9.0
EPSS Score
18.60%
Published
2021-02-07
Updated
2021-06-01
OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within the context of the vulnerable application.
Max CVSS
8.8
EPSS Score
1.37%
Published
2017-06-02
Updated
2022-02-09
interface\super\edit_list.php in OpenEMR before v5_0_1_1 allows remote authenticated users to execute arbitrary SQL commands via the newlistname parameter.
Max CVSS
8.8
EPSS Score
22.84%
Published
2018-05-18
Updated
2018-06-20
interface/fax/fax_dispatch.php in OpenEMR before 5.0.1 allows remote authenticated users to bypass intended access restrictions via the scan parameter.
Max CVSS
8.8
EPSS Score
0.76%
Published
2018-04-30
Updated
2019-10-03
Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.
Max CVSS
8.8
EPSS Score
73.69%
Published
2018-08-13
Updated
2022-02-10
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to execute arbitrary PHP code by writing a file with a PHP extension via the "docid" and "content" parameters and accessing it in the traversed directory.
Max CVSS
8.8
EPSS Score
0.81%
Published
2018-08-13
Updated
2018-10-10
SQL injection vulnerability in interface/de_identification_forms/find_drug_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the search_term parameter.
Max CVSS
8.8
EPSS Score
0.16%
Published
2018-08-13
Updated
2018-10-10
SQL injection vulnerability in interface/de_identification_forms/find_immunization_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'search_term' parameter.
Max CVSS
8.8
EPSS Score
0.13%
Published
2018-08-15
Updated
2018-10-11
SQL injection vulnerability in interface/forms_admin/forms_admin.php from library/registry.inc in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'id' parameter.
Max CVSS
8.8
EPSS Score
0.13%
Published
2018-08-15
Updated
2018-10-12