CVE Tools

openclinic ga project

Enterprise Softwareoss-project

27

Cumulative CVEs

3

Monthly snapshots

#52

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting openclinic ga project.

CVE-2023-40280An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp.7.5Mar 19, 2024
CVE-2023-40279An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to main.do.7.5Mar 19, 2024
CVE-2023-40278An issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. By changing the Appointment...7.5Mar 19, 2024
CVE-2023-40277An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting (XSS) vulnerability has been discovered in the login.jsp message parameter.6.1Mar 19, 2024
CVE-2023-40276An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability has been discovered in pharmacy/exportFile.jsp.9.1Mar 19, 2024
CVE-2023-40275An issue was discovered in OpenClinic GA 5.247.01. It allows retrieval of patient lists via queries such as findFirstname= to _common/search/searchByAjax/patientslistShow.jsp.9.1Mar 19, 2024
CVE-2021-37364OpenClinic GA 5.194.18 is affected by Insecure Permissions. By default the Authenticated Users group has the modify permission to openclinic folders/files. A low privilege account is able to rename...7.8Oct 26, 2021
CVE-2020-27246An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoComment parameter in the ‘listImmoLabels.jsp’ page is vulnerable...8.8May 11, 2021
CVE-2020-27245An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoBuyer parameter in the ‘listImmoLabels.jsp’ page is vulnerable t...8.8May 11, 2021
CVE-2020-27244An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoCode parameter in the ‘listImmoLabels.jsp’ page is vulnerable to...8.8May 11, 2021
CVE-2020-27243An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoService parameter in the ‘listImmoLabels.jsp’ page is vulnerable...8.8May 11, 2021
CVE-2020-27242An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoLocation parameter in the ‘listImmoLabels.jsp’ page is vulnerabl...8.8May 11, 2021
CVE-2020-27232An exploitable SQL injection vulnerability exists in ‘manageServiceStocks.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an...8.8May 10, 2021
CVE-2020-27226An exploitable SQL injection vulnerability exists in ‘quickFile.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authentic...8.8May 10, 2021
CVE-2020-27231A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findDistrict parameter in ‘‘patientslist.do’ page is vulne...8.8May 10, 2021