Monthly Archive: August 2018

Stroom version

LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection vulnerability in Show Groups Popup SQL query functions that can result in Ability to perform malicious database queries. This attack appear to be exploitable via User...

LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write in letter.php (2) vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code...

LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code execution. This attack...

LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Deletion vulnerability in Import template that can result in Denial of service. This attack appear to be exploitable via User controlled parameter. Date published :...

LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in write files with malicious content and may lead to remote code execution. Date published : 2018-08-20...

LibreHealthIO lh-ehr version

Eclipse RDF4j version < 2.4.0 Milestone 2 contains a XML External Entity (XXE) vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server...

FlightAirMap version

YesWiki version

OpenCart-Overclocked version

LatexDraw version

MiniCMS version 1.1 contains a Cross Site Scripting (XSS) vulnerability in http://example.org/mc-admin/page.php?date={payload} that can result in code injection. Date published : 2018-08-20 https://github.com/bg5sbk/MiniCMS/issues/20

zutils version prior to version 1.8-pre2 contains a Buffer Overflow vulnerability in zcat that can result in Potential denial of service or arbitrary code execution. This attack appear to be exploitable via the victim...