Openclinic Ga Project

Openclinic Ga

37 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2020-27244

Exploit
  • EPSS 0.36%
  • Veröffentlicht 11.05.2021 11:15:07
  • Zuletzt bearbeitet 21.11.2024 05:20:55

An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoCode parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authent...

8.8

CVE-2020-27246

Exploit
  • EPSS 0.36%
  • Veröffentlicht 11.05.2021 11:15:07
  • Zuletzt bearbeitet 21.11.2024 05:20:56

An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoComment parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an auth...

8.8

CVE-2020-27232

Exploit
  • EPSS 1.54%
  • Veröffentlicht 10.05.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 05:20:54

An exploitable SQL injection vulnerability exists in ‘manageServiceStocks.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8

CVE-2020-27231

Exploit
  • EPSS 0.36%
  • Veröffentlicht 10.05.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 05:20:54

A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findDistrict parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection. An attacker can make an a...

8.8

CVE-2020-27230

Exploit
  • EPSS 0.33%
  • Veröffentlicht 10.05.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 05:20:54

A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findSector parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection An attacker can make an auth...

8.8

CVE-2020-27229

Exploit
  • EPSS 0.33%
  • Veröffentlicht 10.05.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 05:20:54

A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findPersonID parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection. An attacker can make an a...

8.8

CVE-2020-27226

Exploit
  • EPSS 1.43%
  • Veröffentlicht 10.05.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 05:20:54

An exploitable SQL injection vulnerability exists in ‘quickFile.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

9.8

CVE-2020-27241

Exploit
  • EPSS 0.33%
  • Veröffentlicht 19.04.2021 21:15:13
  • Zuletzt bearbeitet 21.11.2024 05:20:55

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The serialnumber parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP reques...

9.8

CVE-2020-27240

Exploit
  • EPSS 0.33%
  • Veröffentlicht 19.04.2021 21:15:12
  • Zuletzt bearbeitet 21.11.2024 05:20:55

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The componentStatus parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection An attacker can make an authenticated HTTP requ...

9.8

CVE-2020-27239

Exploit
  • EPSS 0.33%
  • Veröffentlicht 15.04.2021 14:15:15
  • Zuletzt bearbeitet 21.11.2024 05:20:55

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The assetStatus parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection An attacker can make an authenticated HTTP request ...