exploit the possibilities
Showing 1 - 25 of 33 RSS Feed

Files

OpenEMR 5.0.1 Remote Code Execution
Posted Jun 28, 2020
Authored by Emre OVUNC

OpenEMR version 5.0.1 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 23ed8b760daddea91e76635e26b35ede

Related Files

OpenEMR 5.0.1 Remote Code Execution
Posted Aug 3, 2020
Authored by Alexandre Zanni | Site github.com

OpenEMR versions 5.0.1 and below authenticated remote code execution exploit written in ruby.

tags | exploit, remote, code execution, ruby
MD5 | 0c4b5a66f0b188dd68ac3a5de13961d4
OpenEMR Remote Code Execution
Posted May 26, 2020
Authored by Musyoka Ian

OpenEMR versions prior to 5.0.1 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 87a864957a5dc630242ec3e29a88bed1
OpenEMR 5.0.1.3 File Read / Write / Delete
Posted Aug 16, 2018
Authored by Joshua Fam

OpenEMR version 5.0.1.3 suffers from arbitrary file read, write, and delete vulnerabilities.

tags | exploit, arbitrary, vulnerability
advisories | CVE-2018-15140, CVE-2018-15141, CVE-2018-15142
MD5 | 8c5ed52e9a7bf67bc17c83f353a1e80f
OpenEMR 5.0.1.3 Remote Code Execution
Posted Aug 7, 2018
Authored by Cody Zacharias

OpenEMR version 5.0.1.3 remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 214119ee9c04f9480c280b81d78d0e9d
OpenEMR 5.0.0 Command Injection / Cross Site Scripting
Posted Dec 4, 2017
Authored by Fikri Fadzil, Wan Ikram, Jasveer Singh | Site sec-consult.com

OpenEMR version 5.0.0 suffers from code execution and cross site scripting vulnerabilities.

tags | exploit, vulnerability, code execution, xss
MD5 | ae3d7e59300638cb1a92e34e6480a979
OpenEMR 4.2.0 Authentication Bypass
Posted Jun 19, 2015
Authored by Brian D. Hysell

OpenEMR versions 4.2.0 and 4.2.0 patch 1 suffer from an authentication bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2015-4453
MD5 | b1ce5eba069c8568b01d087def397c4c
openEMR 4.2.0 Cross Site Scripting / SQL Injection
Posted Mar 24, 2015
Authored by Steffen Roesemann

openEMR version 4.2.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 318c9532d067f3ca1c949cdff838e70a
OpenEMR 4.1.2(7) SQL Injection
Posted Dec 5, 2014
Authored by Jerzy Kramarz | Site portcullis-security.com

OpenEMR versions 4.1.2(7) and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2014-5462
MD5 | f5a1a6caaa8d8207f92143b2089aedf7
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
Posted Sep 20, 2013
Authored by xistence | Site metasploit.com

This Metasploit module exploits a vulnerability found in OpenEMR version 4.1.1 Patch 14 and lower. When logging in as any non-admin user it's possible to retrieve the admin SHA1 password hash from the database through SQL injection. The SQL injection vulnerability exists in the "new_comprehensive_save.php" page. This hash can be used to log in as the admin user. After logging in, the "manage_site_files.php" page will be used to upload arbitrary code.

tags | exploit, arbitrary, php, sql injection
MD5 | 35fc05e9cd467ed94aa6be2b04ec3c52
OpenEMR 4.1.1 Patch 14 SQL Injection / Shell Upload
Posted Sep 17, 2013
Authored by xistence

OpenEMR version 4.1.1 Patch 14 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
MD5 | fc85bb950ca8fefa1757abd901f0ab41
OpenEMR 4.1.1 patch-12 Cross Site Scripting / SQL Injection
Posted Jul 14, 2013
Authored by Nate Drier | Site trustwave.com

OpenEMR versions 4.1.1 patch-12 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2013-4619, CVE-2013-4620
MD5 | fc87446e60ffe507fc1064a5a41b99c6
OpenEMR 4.1.1 Cross Site Scripting
Posted Feb 21, 2013
Authored by LiquidWorm | Site zeroscience.mk

OpenEMR version 4.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0fbde4d31377b7430b3c3cf63f25b72a
OpenEMR PHP File Upload
Posted Feb 20, 2013
Authored by LiquidWorm, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in OpenEMR 4.1.1. By abusing the ofc_upload_image.php file from the openflashchart library, a malicious user can upload a file to the tmp-upload-images directory without any authentication, which results in arbitrary code execution. The module has been tested successfully on OpenEMR 4.1.1 over Ubuntu 10.04.

tags | exploit, arbitrary, php, code execution
systems | linux, ubuntu
advisories | OSVDB-90222
MD5 | c7b131604319426cce134fab1a42a85f
OpenEMR 4.1.1 Shell Upload
Posted Feb 13, 2013
Authored by LiquidWorm | Site zeroscience.mk

OpenEMR version 4.1.1 suffers from an arbitrary file upload vulnerability in ofc_upload_image.php. Included is an exploit that triggers a reverse shell.

tags | exploit, arbitrary, shell, php, file upload
MD5 | 8cdeee15077a4e302c0d3ab4d82ca80a
OpenEMR 4.1.0 Local File Inclusion / Command Execution
Posted Feb 2, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

OpenEMR version 4.1.0 suffers from local file inclusion and arbitrary command execution vulnerabilities.

tags | exploit, arbitrary, local, vulnerability, file inclusion
MD5 | 8e52a944abfc1d0fef5c1ff42017775c
Secunia Security Advisory 47781
Posted Feb 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in OpenEMR, which can be exploited by malicious users to disclose sensitive information and compromise a vulnerable system and by malicious people to disclose sensitive information.

tags | advisory, vulnerability
MD5 | 4788d2dd6ee08c42ee31c1f40a7cf034
OpenEMR 4.1.0 SQL Injection
Posted Jan 3, 2012
Authored by Canberk BOLAT | Site netsparker.com

OpenEMR is affected by a remote SQL injection vulnerability in version 4.1.0.

tags | exploit, remote, sql injection
MD5 | e5fc30bfd7ed1f43dfdbc4641e3dd252
OpenEMR 4 Cross Site Scripting / SQL Injection
Posted Dec 26, 2011
Authored by Level

OpenEMR 4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 8696de0daa2faaf67ecdd527e74adb07
Secunia Security Advisory 46560
Posted Oct 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in OpenEMR, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | c96e198a085148b38993114db510fff7
Open EMR 4.0 SQL Injection
Posted Oct 21, 2011
Authored by Houssam Sahli, Mehdi Boukazoula

Open EMR version 4.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 5acf537ae942f9b7e88538ef39a71dda
Openemr 4.1.0 SQL Injection
Posted Oct 19, 2011
Authored by I2sec-dae jin Oh

Openemr version 4.1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5f5cc570419e13bab838fceb8dd40cef
OpenEMR 4.0.0 Cross Site Scripting
Posted Aug 9, 2011
Authored by Houssam Sahli

OpenEMR version 4.0.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 34e03041b27123054ec92008f4fc8d29
Secunia Security Advisory 43970
Posted Apr 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - John Leitch has discovered multiple vulnerabilities in OpenEMR, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.

tags | advisory, vulnerability, xss
MD5 | d37c2f801ba680d8ffef5ec824ec6423
OpenEMR 4.0.0 Database Manipulation
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

OpenEMR version 4.0.0 suffers from arbitrary database creation / enumeration.

tags | exploit, arbitrary
MD5 | 839c0e5a633cdcd056e8d0a1d796feaf
OpenEMR 4.0.0 Local File Inclusion
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in OpenEMR version 4.0.0 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
MD5 | b67613bca273ae3066d18e3b2d4cad12
Page 1 of 2
Back12Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close