Shodan
Vulnerabilities
Vulnerable Software
Open-Emr:  >> Openemr  >> 4.1.2.6  Security Vulnerabilities
CVE-2025-31117
OpenEMR is a free and open source electronic health records and medical practice management application. An Out-of-Band Server-Side Request Forgery (OOB SSRF) vulnerability was identified in OpenEMR, allowing an attacker to force the server to make unauthorized requests to external or internal resources. this attack does not return a direct response but can be exploited through DNS or HTTP interactions to exfiltrate sensitive information. This vulnerability is fixed in 7.0.3.1.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-03-31
CVE-2025-30149
OpenEMR is a free and open source electronic health records and medical practice management application. OpenEMR allows reflected cross-site scripting (XSS) in the AJAX Script interface\super\layout_listitems_ajax.php via the target parameter. This vulnerability is fixed in 7.0.3.
CVSS Score
6.4
EPSS Score
0.002
Published
2025-03-31
CVE-2025-29789
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.3.0 are vulnerable to Directory Traversal in the Load Code feature. Version 7.3.0 contains a patch for the issue.
CVSS Score
7.5
EPSS Score
0.004
Published
2025-03-25
CVE-2023-2950
Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
6.3
EPSS Score
0.002
Published
2023-05-28
CVE-2023-2949
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
8.3
EPSS Score
0.722
Published
2023-05-28
CVE-2023-2948
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
8.3
EPSS Score
0.833
Published
2023-05-28
CVE-2023-2946
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-05-27
CVE-2023-2947
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
4.7
EPSS Score
0.204
Published
2023-05-27
CVE-2023-2943
Code Injection in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
4.6
EPSS Score
0.001
Published
2023-05-27
CVE-2023-2944
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-05-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved