CVE-2017-5598
- EPSS 0.29%
- Veröffentlicht 27.01.2017 10:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
An issue was discovered in eClinicalWorks healow@work 8.0 build 8. This is a blind SQL injection within the EmployeePortalServlet, which can be exploited by un-authenticated users via an HTTP POST request and which can be used to dump database data o...
CVE-2017-5599
- EPSS 0.23%
- Veröffentlicht 27.01.2017 10:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a reflected Cross Site Scripting vulnerability which affects the raceMasterList.jsp page within the Patient Portal. Inserted payload is rendered within the Patient Portal ...
CVE-2017-5569
- EPSS 1.93%
- Veröffentlicht 23.01.2017 17:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the template.jsp, which can be exploited without the need of authentication and via an HTTP POST request, and which can be used to dump databa...
CVE-2017-5570
- EPSS 0.33%
- Veröffentlicht 23.01.2017 17:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the messageJson.jsp, which can only be exploited by authenticated users via an HTTP POST request and which can be used to dump database data o...