A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.
Max CVSS
7.5
EPSS Score
0.47%
Published
2023-02-22
Updated
2023-03-03
A Local File Inclusion (LFI) vulnerability in interface/forms/LBF/new.php in OpenEMR < 7.0.0 allows remote authenticated users to execute code via the formname parameter.
Max CVSS
8.8
EPSS Score
0.94%
Published
2023-02-22
Updated
2023-03-03
A Reflected Cross-site scripting (XSS) vulnerability in interface/forms/eye_mag/php/eye_mag_functions.php in OpenEMR < 7.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the REQUEST_URI.
Max CVSS
5.4
EPSS Score
0.18%
Published
2023-02-22
Updated
2023-03-03
Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.
Max CVSS
8.1
EPSS Score
0.34%
Published
2023-05-28
Updated
2023-06-01
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1.
Max CVSS
8.3
EPSS Score
0.40%
Published
2023-05-28
Updated
2023-06-01
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1.
Max CVSS
8.3
EPSS Score
0.40%
Published
2023-05-28
Updated
2023-06-01
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
Max CVSS
8.1
EPSS Score
0.25%
Published
2023-05-27
Updated
2023-06-01
Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1.
Max CVSS
5.4
EPSS Score
0.48%
Published
2023-05-27
Updated
2023-06-01
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
Max CVSS
6.3
EPSS Score
0.34%
Published
2023-05-27
Updated
2023-06-01
Code Injection in GitHub repository openemr/openemr prior to 7.0.1.
Max CVSS
8.8
EPSS Score
0.09%
Published
2023-05-27
Updated
2023-06-01
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1.
Max CVSS
8.1
EPSS Score
0.34%
Published
2023-05-27
Updated
2023-06-01
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
Max CVSS
8.8
EPSS Score
0.34%
Published
2023-05-12
Updated
2023-05-22
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.
Max CVSS
7.5
EPSS Score
0.99%
Published
2023-05-08
Updated
2023-05-11
An Insecure Direct Object Reference (IDOR) vulnerability in OpenEMR 6.0.0 allows any authenticated attacker to access and modify unauthorized areas via a crafted POST request to /modules/zend_modules/public/Installer/register.
Max CVSS
8.1
EPSS Score
0.16%
Published
2022-03-03
Updated
2022-03-09
A stored cross-site scripting (XSS) issue was discovered in the OpenEMR Hospital Information Management System version 6.0.0.
Max CVSS
5.4
EPSS Score
0.17%
Published
2022-03-25
Updated
2022-03-29
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.0.2.
Max CVSS
6.7
EPSS Score
0.84%
Published
2022-12-27
Updated
2023-01-05
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.
Max CVSS
8.3
EPSS Score
0.48%
Published
2022-12-19
Updated
2022-12-23
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.
Max CVSS
8.1
EPSS Score
0.15%
Published
2022-12-17
Updated
2022-12-21
Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2.
Max CVSS
8.8
EPSS Score
0.11%
Published
2022-12-15
Updated
2022-12-16
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.2.
Max CVSS
8.8
EPSS Score
0.18%
Published
2022-12-15
Updated
2023-07-11
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.0.2.
Max CVSS
7.5
EPSS Score
0.14%
Published
2022-12-15
Updated
2022-12-16
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.0.2.
Max CVSS
6.4
EPSS Score
0.48%
Published
2022-12-15
Updated
2022-12-16
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.
Max CVSS
7.3
EPSS Score
0.48%
Published
2022-12-15
Updated
2022-12-16
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1.
Max CVSS
8.8
EPSS Score
0.19%
Published
2022-08-15
Updated
2023-07-10
Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior to 7.0.0.1.
Max CVSS
10.0
EPSS Score
0.14%
Published
2022-08-09
Updated
2022-08-12
119 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!