Filtered by vendor Open-emr Subscriptions
Total 141 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-22973 1 Open-emr 1 Openemr 2025-03-12 8.8 High
A Local File Inclusion (LFI) vulnerability in interface/forms/LBF/new.php in OpenEMR < 7.0.0 allows remote authenticated users to execute code via the formname parameter.
CVE-2023-22974 1 Open-emr 1 Openemr 2025-03-12 7.5 High
A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.
CVE-2023-2566 1 Open-emr 1 Openemr 2025-01-29 4.8 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-2674 1 Open-emr 1 Openemr 2025-01-24 4.3 Medium
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-2946 1 Open-emr 1 Openemr 2025-01-14 8.1 High
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-2947 1 Open-emr 1 Openemr 2025-01-14 4.8 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-2942 1 Open-emr 1 Openemr 2025-01-14 8.1 High
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-2943 1 Open-emr 1 Openemr 2025-01-14 8.8 High
Code Injection in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-2944 1 Open-emr 1 Openemr 2025-01-14 5.4 Medium
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-2945 1 Open-emr 1 Openemr 2025-01-14 5.4 Medium
Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-2948 1 Open-emr 1 Openemr 2025-01-14 6.1 Medium
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-2949 1 Open-emr 1 Openemr 2025-01-14 6.1 Medium
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-2950 1 Open-emr 1 Openemr 2025-01-14 8.1 High
Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2022-2824 1 Open-emr 1 Openemr 2024-11-21 8.8 High
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2734 1 Open-emr 1 Openemr 2024-11-21 5.4 Medium
Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2733 1 Open-emr 1 Openemr 2024-11-21 6.1 Medium
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2732 1 Open-emr 1 Openemr 2024-11-21 8.3 High
Missing Authorization in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2731 1 Open-emr 1 Openemr 2024-11-21 6.1 Medium
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2730 1 Open-emr 1 Openemr 2024-11-21 6.5 Medium
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2729 1 Open-emr 1 Openemr 2024-11-21 5.4 Medium
Cross-site Scripting (XSS) - DOM in GitHub repository openemr/openemr prior to 7.0.0.1.