Librehealth Ehr

librehealth_ehr

Vendor: Librehealth • 22 CVEs

CVEs (22)

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2018-1000646

1Librehealth

1Librehealth Ehr

Nov 21, 2024

Aug 20, 2018

N/A· v4

8.8 HIGH· v3

6.5 MEDIUM· v2

LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in write files with malicious content and may lead to remote code execution.

CVE-2018-1000645

1Librehealth

1Librehealth Ehr

Nov 21, 2024

Aug 20, 2018

N/A· v4

6.5 MEDIUM· v3

4.0 MEDIUM· v2

LibreHealthIO lh-ehr version <REL-2.0.0 contains an Authenticated Local File Disclosure vulnerability in Importing of templates allows local file disclosure that can result in Disclosure of sensitive files on the server....Show more

LibreHealthIO lh-ehr version <REL-2.0.0 contains an Authenticated Local File Disclosure vulnerability in Importing of templates allows local file disclosure that can result in Disclosure of sensitive files on the server. This attack appear to be exploitable via User controlled variable in import templates function.Show less