Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:open-emr:openemr:6.0.0:-:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-2950 |
Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1. Published: May 28, 2023; 12:15:14 AM -0400 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0:(not available) |
CVE-2023-2949 |
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1. Published: May 28, 2023; 12:15:13 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-2948 |
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1. Published: May 28, 2023; 12:15:12 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-2947 |
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1. Published: May 27, 2023; 7:15:09 PM -0400 |
V4.0:(not available) V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2023-2946 |
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. Published: May 27, 2023; 7:15:09 PM -0400 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0:(not available) |
CVE-2023-2945 |
Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1. Published: May 27, 2023; 6:15:10 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-2944 |
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. Published: May 27, 2023; 6:15:10 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-2943 |
Code Injection in GitHub repository openemr/openemr prior to 7.0.1. Published: May 27, 2023; 6:15:10 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-2942 |
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1. Published: May 27, 2023; 6:15:09 PM -0400 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0:(not available) |
CVE-2023-2674 |
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. Published: May 12, 2023; 4:15:09 AM -0400 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2023-2566 |
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1. Published: May 08, 2023; 1:15:09 AM -0400 |
V4.0:(not available) V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2023-22974 |
A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server. Published: February 22, 2023; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-22973 |
A Local File Inclusion (LFI) vulnerability in interface/forms/LBF/new.php in OpenEMR < 7.0.0 allows remote authenticated users to execute code via the formname parameter. Published: February 22, 2023; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-22972 |
A Reflected Cross-site scripting (XSS) vulnerability in interface/forms/eye_mag/php/eye_mag_functions.php in OpenEMR < 7.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the REQUEST_URI. Published: February 22, 2023; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2022-4733 |
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.0.2. Published: December 27, 2022; 10:15:12 AM -0500 |
V4.0:(not available) V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2022-4615 |
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2. Published: December 19, 2022; 3:15:13 PM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2022-4567 |
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2. Published: December 17, 2022; 1:15:07 AM -0500 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0:(not available) |
CVE-2022-4506 |
Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2. Published: December 14, 2022; 8:15:11 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-4505 |
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.2. Published: December 14, 2022; 8:15:11 PM -0500 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2022-4504 |
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.0.2. Published: December 14, 2022; 8:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |