← Back

Openclinic Ga

openclinic_ga

Vendor: Freemedsoftware • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-14488
1Freemedsoftware
1Openclinic Ga
Jun 17, 2026
Jul 29, 2020
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded files, which may allow a low-privilege user to upload and execute arbitrary files on the system.
CVE-2020-14487
1Freemedsoftware
1Openclinic Ga
Jun 17, 2026
Jul 29, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
OpenClinic GA 5.09.02 contains a hidden default user account that may be accessed if an administrator has not expressly turned off this account, which may allow an attacker to login and execute arbitrary commands.