CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-12064

The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.3%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/openemr/openemr/commit/b8963a5ca483211ed8de71f18227a0e66a2582ad
https://github.com/openemr/openemr/commit/b8963a5ca483211ed8de71f18227a0e66a2582ad

Products affected by CVE-2017-12064

Open-Emr » Openemr » Version: 5.0.0

cpe:2.3:a:open-emr:openemr:5.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-12064

Products

Pricing

Contact Us