Security Vulnerabilities
- CVEs Published In May 2023
A vulnerability classified as critical has been found in code-projects Bus Dispatch and Information System 1.0. Affected is an unknown function of the file delete_bus.php. The manipulation of the argument busid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230112.
Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1.
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1.
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.
Code Injection in GitHub repository openemr/openemr prior to 7.0.1.
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1.
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1.