CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Openemr: >> Openemr >> 4.1.0 Security Vulnerabilities

CVE-2012-0991

Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in interface/patient_file/encounter.

CVSS Score

3.5

EPSS Score

0.707

Published

2012-02-07

CVE-2012-0992

interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter.

CVSS Score

8.5

EPSS Score

0.058

Published

2012-02-07

Page 1

Vulnerabilities

Vulnerable Software

Openemr: >> Openemr >> 4.1.0 Security Vulnerabilities

Products

Pricing

Contact Us