exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

OpenEMR 5.0.0 Command Injection / Cross Site Scripting
Posted Dec 4, 2017
Authored by Fikri Fadzil, Wan Ikram, Jasveer Singh | Site sec-consult.com

OpenEMR version 5.0.0 suffers from code execution and cross site scripting vulnerabilities.

tags | exploit, vulnerability, code execution, xss
SHA-256 | cb323afd4eb9936c8fd21b2415f3e7b565e714471a0bae50bb61af03fdd63c92

Related Files

OpenEMR 6.0.0 / 6.1.0-dev SQL Injection
Posted Dec 15, 2021
Authored by Stefan Pietsch | Site trovent.io

OpenEMR versions 6.0.0 and 6.1.0-dev suffer from an authenticated remote SQL injection vulnerability in the calendar search functionality.

tags | exploit, remote, sql injection
advisories | CVE-2021-41843
SHA-256 | f3e63ffea1416dffa063591f3a4d64e9cd1199687a6d7273f62fcad46fd75f81
OpenEMR 6.0.0 Insecure Direct Object Reference
Posted Sep 1, 2021
Authored by Allen Enosh Upputori

OpenEMR version 6.0.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
advisories | CVE-2021-40352
SHA-256 | 7d6123e4f92dbeac0fc04f7f189c4e37165184bded23fe55900d9c1c2944b65a
OpenEMR 5.0.1.3 Shell Upload
Posted Jul 13, 2021
Authored by Alexandre Zanni

OpenEMR version 5.0.1.3 authenticated remote shell upload exploit that leverages a vulnerability discovered in 2018.

tags | exploit, remote, shell
advisories | CVE-2018-15139
SHA-256 | c870808a4f9a9a137fcb679a6a3037401a0616eb79f037981dc723adf1f8b701
OpenEMR 5.0.1.7 Path Traversal
Posted Jul 5, 2021
Authored by Alexandre Zanni

OpenEMR version 5.0.17 path traversal exploit.

tags | exploit, file inclusion
advisories | CVE-2019-14530
SHA-256 | d922d48e6a0bee902e565673aa1c4471cc5327d78c48154ce121df3691d4e7ac
OpenEMR 5.0.1.7 Path Traversal
Posted Jun 18, 2021
Authored by Ron Jost

OpenEMR version 5.0.1.7 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2019-14530
SHA-256 | 4137f1bcde3ba0b062231c438d7bd1885e04568f8cb1e019f5635288f2560b7d
OpenEMR 5.0.1.3 Authentication Bypass
Posted Jun 17, 2021
Authored by Ron Jost

OpenEMR version 5.0.1.3 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2018-15152
SHA-256 | 8c51ce9e83e8eaeca8c59755964b36c0b72aafd2cc7c8e64dc0a2971a327baad
OpenEMR 5.0.1.3 Shell Upload
Posted Jun 14, 2021
Authored by Ron Jost

OpenEMR version 5.0.1.3 authenticated remote shell upload exploit.

tags | exploit, remote, shell
advisories | CVE-2018-15139
SHA-256 | 1c976d82d20d572267256bdb0e89f3da86fd7a4937ea55c99df13535b3d1abf2
OpenEMR 5.0.0 Remote Shell Upload
Posted Jun 11, 2021
Authored by Ron Jost

OpenEMR version 5.0.0 authenticated remote shell upload exploit.

tags | exploit, remote, shell
advisories | CVE-2017-9380
SHA-256 | 3477f1f072e94bd94017c7444dc3f0cdc0181bb156049e46ff8483d4de9bdca2
OpenEMR 5.0.2.1 Remote Code Execution
Posted Apr 21, 2021
Authored by Hato0, BvThTrd

OpenEMR version 5.0.2.1 remote code execution exploit that drops in a reverse shell.

tags | exploit, remote, shell, code execution
SHA-256 | 19c8469e1f4adb849ff6cc14a09cddd215b6ce8699d9be7ed6adaccfcbba09c2
OpenEMR 4.1.0 SQL Injection
Posted Apr 5, 2021
Authored by Michael Ikua

OpenEMR version 4.1.0 remote SQL Injection exploit.

tags | exploit, remote, sql injection
SHA-256 | ccd74be3fd16945d3d2013767e5c44425bc689a37ff0209b75e8e1f23d50d9ba
OpenEMR 5.0.1 Remote Code Execution
Posted Aug 3, 2020
Authored by Alexandre Zanni | Site github.com

OpenEMR versions 5.0.1 and below authenticated remote code execution exploit written in ruby.

tags | exploit, remote, code execution, ruby
SHA-256 | 7f48877b7731f082b5433de3e5ae805d4a0f4a8de62daf8987025281c09c42ae
OpenEMR 5.0.1 Remote Code Execution
Posted Jun 28, 2020
Authored by Emre OVUNC

OpenEMR version 5.0.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 30c2dce13c4d30c1351faa3934ffc815807ae3f57ed30e9c09176e6fe07bef30
OpenEMR Remote Code Execution
Posted May 26, 2020
Authored by Musyoka Ian

OpenEMR versions prior to 5.0.1 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | cef69fb8f736848a842b3b4f42a6007301ace4c581b4522cb7c84afa0d549868
OpenEMR 5.0.1.3 File Read / Write / Delete
Posted Aug 16, 2018
Authored by Joshua Fam

OpenEMR version 5.0.1.3 suffers from arbitrary file read, write, and delete vulnerabilities.

tags | exploit, arbitrary, vulnerability
advisories | CVE-2018-15140, CVE-2018-15141, CVE-2018-15142
SHA-256 | e3013113e1a75a23ff07ff104eebc4f7e15d6667699b3fcf0f7297c2ed4ea905
OpenEMR 5.0.1.3 Remote Code Execution
Posted Aug 7, 2018
Authored by Cody Zacharias

OpenEMR version 5.0.1.3 remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 6cde9b6b4452f1d71b8fce2b7d11566e6e8265715df2dc588ac667c2a69e14a8
OpenEMR 4.2.0 Authentication Bypass
Posted Jun 19, 2015
Authored by Brian D. Hysell

OpenEMR versions 4.2.0 and 4.2.0 patch 1 suffer from an authentication bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2015-4453
SHA-256 | a589315de279dd22ee99c036b36a4cfd6f70531f2f25bab5afeaec7ef31766f6
openEMR 4.2.0 Cross Site Scripting / SQL Injection
Posted Mar 24, 2015
Authored by Steffen Roesemann

openEMR version 4.2.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 136128c86a8cdf2ba34308166c5782a4d4d518a5c95d5d6c966b0e3831d31b38
OpenEMR 4.1.2(7) SQL Injection
Posted Dec 5, 2014
Authored by Jerzy Kramarz | Site portcullis-security.com

OpenEMR versions 4.1.2(7) and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2014-5462
SHA-256 | 4de926af3b89e3942d0921fa00d1c8a989396aa79190f2ae6420dd84beedb669
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
Posted Sep 20, 2013
Authored by xistence | Site metasploit.com

This Metasploit module exploits a vulnerability found in OpenEMR version 4.1.1 Patch 14 and lower. When logging in as any non-admin user it's possible to retrieve the admin SHA1 password hash from the database through SQL injection. The SQL injection vulnerability exists in the "new_comprehensive_save.php" page. This hash can be used to log in as the admin user. After logging in, the "manage_site_files.php" page will be used to upload arbitrary code.

tags | exploit, arbitrary, php, sql injection
SHA-256 | 153813f0acc368a45adcb43f7156aa643bd4c5305a6564c6562b51d3c58cec74
OpenEMR 4.1.1 Patch 14 SQL Injection / Shell Upload
Posted Sep 17, 2013
Authored by xistence

OpenEMR version 4.1.1 Patch 14 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | dd2bb2f9a5d3ce8ac7e4ee72e80cd42dbbbcb6ec9045c094bc63c0831a0f7e7a
OpenEMR 4.1.1 patch-12 Cross Site Scripting / SQL Injection
Posted Jul 14, 2013
Authored by Nate Drier | Site trustwave.com

OpenEMR versions 4.1.1 patch-12 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2013-4619, CVE-2013-4620
SHA-256 | 34d2a68eac35ef40f833eadd836730cb6db7a18c16f6872866a69898d3908187
OpenEMR 4.1.1 Cross Site Scripting
Posted Feb 21, 2013
Authored by LiquidWorm | Site zeroscience.mk

OpenEMR version 4.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2794e272098c49fab5ad0608f9d0bb8abb46fa3cfb850da04587f0f744cfa619
OpenEMR PHP File Upload
Posted Feb 20, 2013
Authored by LiquidWorm, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in OpenEMR 4.1.1. By abusing the ofc_upload_image.php file from the openflashchart library, a malicious user can upload a file to the tmp-upload-images directory without any authentication, which results in arbitrary code execution. The module has been tested successfully on OpenEMR 4.1.1 over Ubuntu 10.04.

tags | exploit, arbitrary, php, code execution
systems | linux, ubuntu
advisories | OSVDB-90222
SHA-256 | 09f5efca41c484db706376ef3dfea164467c56c4d486e5b9040b98c0af8c332a
OpenEMR 4.1.1 Shell Upload
Posted Feb 13, 2013
Authored by LiquidWorm | Site zeroscience.mk

OpenEMR version 4.1.1 suffers from an arbitrary file upload vulnerability in ofc_upload_image.php. Included is an exploit that triggers a reverse shell.

tags | exploit, arbitrary, shell, php, file upload
SHA-256 | d0a9864906a133104e4d3b529af97354bc0bafe48d8e3362a233ef4042d769e6
OpenEMR 4.1.0 Local File Inclusion / Command Execution
Posted Feb 2, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

OpenEMR version 4.1.0 suffers from local file inclusion and arbitrary command execution vulnerabilities.

tags | exploit, arbitrary, local, vulnerability, file inclusion
SHA-256 | aeb45ca876c22fbb0b013302962406c9de617641da105d221405ecc194efebf2
Page 1 of 4
Back1234Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close