| Max CVSS | 6.8 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-15140 | 4.0 |
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to read arbitrary files via the "docid" parameter when the mode is set to get.
|
10-10-2018 - 18:23 | 13-08-2018 - 18:29 | |
| CVE-2018-15142 | 6.5 |
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to execute arbitrary PHP code by writing a file with a PHP extension via the "docid" and "content" pa
|
10-10-2018 - 18:21 | 13-08-2018 - 18:29 | |
| CVE-2018-15141 | 5.5 |
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to delete arbitrary files via the "docid" parameter when the mode is set to delete.
|
10-10-2018 - 18:20 | 13-08-2018 - 18:29 | |
| CVE-2008-1126 | 6.8 |
PHP remote file inclusion vulnerability in main.php in Barryvan Compo Manager 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the pageURL parameter. More information available at:
http://www.securityfocus.com/bid/28035/info
|
29-09-2017 - 01:30 | 03-03-2008 - 22:44 |