CVE-2025-12922
- EPSS 0.12%
- Veröffentlicht 10.11.2025 00:02:06
- Zuletzt bearbeitet 02.12.2025 16:02:38
A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manipulation of the argument xml_file results in path tr...
CVE-2025-12921
- EPSS 0.04%
- Veröffentlicht 09.11.2025 23:32:05
- Zuletzt bearbeitet 02.12.2025 16:12:41
A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xml_...
CVE-2022-24831
- EPSS 0.26%
- Veröffentlicht 14.05.2022 01:15:06
- Zuletzt bearbeitet 21.11.2024 06:51:11
OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared sta...
CVE-2022-24830
- EPSS 1.91%
- Veröffentlicht 14.05.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 06:51:11
OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential ...