Open-Emr: >> Openemr >> 2.0.1.2 Security Vulnerabilities
OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within the context of the vulnerable application.
CVSS Score
8.8
EPSS Score
0.009
Published
2017-06-02
SQL injection vulnerability in interface/login/validateUser.php in OpenEMR 4.1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the u parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2012-09-09
Page 17