cvebase

Open-Emr Openemr vulnerabilities

216 known vulnerabilities affecting open-emr/openemr.

Total CVEs: 216
CISA KEV: 0
Public exploits: 20
Exploited in wild: 0
Severity breakdown: CRITICAL 14, HIGH 80, MEDIUM 120, LOW 2

Vulnerabilities

Page 2 of 11
CVE-2018-9250 | P2 | HIGH | CVSS 8.8 | CWE-89 | fixed in 5.0.1.1 | 2018-05-18
interface\super\edit_list.php in OpenEMR before v5_0_1_1 allows remote authenticated users to execute arbitrary SQL commands via the newlistname parameter.
Source: NVD

CVE-2019-14529 | P2 | CRITICAL | CVSS 9.8 | CWE-89 | fixed in 5.0.2 | 2019-08-02
OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php.
Source: NVD

CVE-2020-13568 | P2 | HIGH | CVSS 8.8 | CWE-89 | v5.0.2 | 2021-04-13
A SQL injection vulnerability exists in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability in admin/edit_group.php: when the POST parameter action is “Submit”, the POST parameter parent_id leads to a SQL injection.
Source: NVD

CVE-2018-15154 | P2 | HIGH | CVSS 8.8 | CWE-78 | fixed in 5.0.1.4 | 2018-08-15
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/billing/sl_eob_search.php after modifying the "print_command" global variable in interface/super/edit_globals.php.
Source: NVD

CVE-2018-15155 | P2 | HIGH | CVSS 8.8 | CWE-78 | fixed in 5.0.1.4 | 2018-08-15
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/fax_dispatch.php after modifying the "hylafax_enscript" global variable in interface/super/edit_globals.php.
Source: NVD

CVE-2018-15156 | P2 | HIGH | CVSS 8.8 | CWE-78 | fixed in 5.0.1.4 | 2018-08-15
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/faxq.php after modifying the "hylafax_server" global variable in interface/super/edit_globals.php.
Source: NVD

CVE-2026-24898 | P2 | CRITICAL | CVSS 9.8 | CWE-287 | fixed in 8.0.0 | 2026-03-03
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0, an unauthenticated token disclosure vulnerability in the MedEx callback endpoint allows any unauthenticated visitor to obtain the practice's MedEx API tokens, leading to complete third-party service compromise, PHI exfiltration,
Source: NVD

CVE-2014-5462 | P3 | MEDIUM | CVSS 6.5 | CWE-89 | PoC | ≤ 4.1.2 | 2014-12-08
Multiple SQL injection vulnerabilities in OpenEMR 4.1.2 (Patch 7) and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) layout_id parameter to interface/super/edit_layout.php; (2) form_patient_id, (3) form_drug_name, or (4) form_lot_number parameter to interface/reports/prescriptions_report.php; (5) payment_id param
Source: NVD

CVE-2026-23627 | P2 | HIGH | CVSS 8.8 | CWE-89 | fixed in 8.0.0 | 2026-02-25
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an SQL injection vulnerability in the Immunization module allows any authenticated user to execute arbitrary SQL queries, leading to complete database compromise, PHI exfiltration, credential theft, and potential remote code
Source: NVD

CVE-2019-3968 | P2 | HIGH | CVSS 8.8 | CWE-78 | ≤ 5.0.1 | v5.0.1 and earlier | 2019-08-20
In OpenEMR 5.0.1 and earlier, an authenticated attacker can execute arbitrary commands on the host system via the Scanned Forms interface when creating a new form.
Source: NVD

CVE-2018-15143 | P2 | CRITICAL | CVSS 9.8 | CWE-89 | fixed in 5.0.1.4 | 2018-08-13
Multiple SQL injection vulnerabilities in portal/find_appt_popup_user.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the (1) catid or (2) providerid parameter.
Source: NVD

CVE-2018-15145 | P2 | CRITICAL | CVSS 9.8 | CWE-89 | fixed in 5.0.1.4 | 2018-08-13
Multiple SQL injection vulnerabilities in portal/add_edit_event_user.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the (1) eid, (2) userid, or (3) pid parameter.
Source: NVD

CVE-2026-25746 | P2 | HIGH | CVSS 8.8 | CWE-89 | fixed in 8.0.0 | 2026-02-25
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 contain a SQL injection vulnerability in prescription that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input validation in the prescription listing functionality. Version 8.0.0 fi
Source: NVD

CVE-2026-32238 | P3 | CRITICAL | CVSS 9.1 | CWE-78 | fixed in 8.0.0.2 | 2026-03-19
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.2 contain a Command injection vulnerability in the backup functionality that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input validation in the backup functionality. Version
Source: NVD

CVE-2018-1000019 | P2 | HIGH | CVSS 8.8 | CWE-78 | v5.0.0 | 2018-02-09
OpenEMR version 5.0.0 contains an OS Command Injection vulnerability in fax_dispatch.php that can result in OS command injection by an authenticated attacker with any role. This vulnerability appears to have been fixed in 5.0.0 Patch 2 or higher.
Source: NVD

CVE-2024-37734 | P2 | CRITICAL | CVSS 9.8 | CWE-279 | v7.0.2 | 2024-06-26
An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privileges via a crafted POST request using the noteid parameter.
Source: NVD

CVE-2026-29187 | P3 | HIGH | CVSS 8.8 | CWE-89 | fixed in 8.0.0.3 | 2026-03-25
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a Blind SQL Injection vulnerability exists in the Patient Search functionality (/interface/new/new_search_popup.php). The vulnerability allows an authenticated attacker to execute arbitrary SQL commands by manipulating the
Source: NVD

CVE-2020-13567 | P3 | CRITICAL | CVSS 9.8 | CWE-89 | v5.0.2 | v6.0.0 | 2022-04-18
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
Source: NVD

CVE-2021-25921 | P3 | MEDIUM | CVSS 5.4 | CWE-79 | ≥ 2.7.3, ≤ 6.0.0 | 2021-03-22
Affected versions: v2.7.3-rc1, 2.8.0, 2.8.1, 2.8.2, 2.8.3, 2.9.0, 3.0.0, 3.0.1, 3.1.0, 3.2.0, 4.0.0, 4.1.0, 4.1.1, 4.1.2, 4.1.2.3, 4.1.2.6, 4.1.2.7, 4.2.0, 4.2.0.3, 4.2.1, 4.2.2, 5.0.0, 5.0.0.5, 5.0.0.6, 5.0.1, 5.0.1.1, 5.0.1.2, 5.0.1.3, 5.0.1.4, 5.0.1.5, 5.0.1.6, 5.0.1.7, 5.0.2, 5.0.2.1, 5.0.2.2, 5.0.2.3, 5.0.2.4, 6.0.0
In OpenEMR, versions 2.7.3-rc1 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly in the `Allergies` section. An attacker could lure an admin to enter a malicious payload and by that initiate the exploit.
Source: NVD

CVE-2024-22611 | P3 | CRITICAL | CVSS 9.8 | CWE-89 | v7.0.2 | 2025-04-03
OpenEMR 7.0.2 is vulnerable to SQL Injection via \openemr\library\classes\Pharmacy.class.php, \controllers\C_Pharmacy.class.php and \openemr\controller.php.
Source: NVD