CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Open-Emr: >> Openemr >> 5.0.1-6 Security Vulnerabilities

CVE-2018-15144

SQL injection vulnerability in interface/de_identification_forms/find_drug_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the search_term parameter.

CVSS Score

8.8

EPSS Score

0.0

Published

2018-08-13

CVE-2018-9250

interface\super\edit_list.php in OpenEMR before v5_0_1_1 allows remote authenticated users to execute arbitrary SQL commands via the newlistname parameter.

CVSS Score

8.8

EPSS Score

0.252

Published

2018-05-18

Page 11

Vulnerabilities

Vulnerable Software

Open-Emr: >> Openemr >> 5.0.1-6 Security Vulnerabilities

Products

Pricing

Contact Us