Librehealth: >> Librehealth Ehr Security Vulnerabilities
LibreHealth EHR Base 2.0.0 allows incorrect interface/super/manage_site_files.php access.
CVSS Score
8.8
EPSS Score
0.004
Published
2022-06-09
LibreHealth EHR Base 2.0.0 allows interface/main/finder/finder_navigation.php patient XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-06-08
LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php return_page XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-06-07
LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php action XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-06-06
LibreHealth EHR Base 2.0.0 allows interface/orders/patient_match_dialog.php key XSS.
CVSS Score
6.1
EPSS Score
0.004
Published
2022-06-06
Cross Site scripting (XSS) vulnerability inLibreHealth EHR Base 2.0.0 via interface/usergroup/usergroup_admin_add.php Username.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-06-06
LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php acl_id XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-06-06
In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameter payment_id in interface\billing\new_payment.php via interface\billing\payment_master.inc.php leads to SQL injection.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-05-05
In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters debug and InsId in interface\billing\sl_eob_process.php leads to multiple cross-site scripting (XSS) vulnerabilities.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-05-05
In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters formseq and formid in interface\orders\find_order_popup.php leads to multiple cross-site scripting (XSS) vulnerabilities.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-05-05
Page 1