Open Emr

open-emr

217 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Openemr

openemr

217 CVEs

CVEs (217)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-22974 1Open Emr 1Openemr Nov 21, 2024 Feb 22, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.
CVE-2023-22973 1Open Emr 1Openemr Nov 21, 2024 Feb 22, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 A Local File Inclusion (LFI) vulnerability in interface/forms/LBF/new.php in OpenEMR < 7.0.0 allows remote authenticated users to execute code via the formname parameter.
CVE-2023-22972 1Open Emr 1Openemr Nov 21, 2024 Feb 22, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A Reflected Cross-site scripting (XSS) vulnerability in interface/forms/eye_mag/php/eye_mag_functions.php in OpenEMR < 7.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the REQUEST_URI.
CVE-2022-4733 1Open Emr 1Openemr Nov 21, 2024 Dec 27, 2022 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.0.2.
CVE-2022-4615 1Open Emr 1Openemr Nov 21, 2024 Dec 19, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.
CVE-2022-4567 1Open Emr 1Openemr Nov 21, 2024 Dec 17, 2022 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.
CVE-2022-4506 1Open Emr 1Openemr Nov 21, 2024 Dec 15, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2.
CVE-2022-4505 1Open Emr 1Openemr Nov 21, 2024 Dec 15, 2022 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.2.
CVE-2022-4504 1Open Emr 1Openemr Nov 21, 2024 Dec 15, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.0.2.
CVE-2022-4503 1Open Emr 1Openemr Nov 21, 2024 Dec 15, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.0.2.
CVE-2022-4502 1Open Emr 1Openemr Nov 21, 2024 Dec 15, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.
CVE-2022-2824 1Open Emr 1Openemr Feb 25, 2026 Aug 15, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2734 1Open Emr 1Openemr Nov 21, 2024 Aug 9, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2733 1Open Emr 1Openemr Nov 21, 2024 Aug 9, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2732 1Open Emr 1Openemr Feb 25, 2026 Aug 9, 2022 N/A· v4 8.3 HIGH· v3 N/A· v2 Missing Authorization in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2731 1Open Emr 1Openemr Nov 21, 2024 Aug 9, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2730 1Open Emr 1Openemr Nov 21, 2024 Aug 9, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2729 1Open Emr 1Openemr Nov 21, 2024 Aug 9, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - DOM in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2494 1Open Emr 1Openemr Nov 21, 2024 Jul 22, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.0.
CVE-2022-2493 1Open Emr 1Openemr Nov 21, 2024 Jul 22, 2022 N/A· v4 8.1 HIGH· v3 N/A· v2 Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0.

Previous 1...567...11 Next