This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:openemr:openemr
Detail
VendorOpenemrFirst view 2006-06-09
ProductOpenemrLast view 2012-02-07
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:openemr:openemr:4.1.02
cpe:/a:openemr:openemr:2.8.21
cpe:/a:openemr:openemr:2.8.13

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
8.52012-02-07CVE-2012-0992NetworkMediumRequires ...
3.52012-02-07CVE-2012-0991NetworkMediumRequires ...
4.32007-01-31CVE-2007-0649NetworkHighRequires ...
6.82006-11-08CVE-2006-5811NetworkMediumNone Requ...
7.52006-11-08CVE-2006-5795NetworkLowNone Requ...
Hide | Show 1 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
6.82006-06-09CVE-2006-2929NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
33% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
33% (1)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
33% (1)CWE-20Improper Input Validation

Open Source Vulnerability Database (OSVDB)

idDescription
33609OpenEMR interface/login/login_frame.php rootdir Parameter XSS
33603OpenEMR import_xml.php srcdir Parameter Remote File Inclusion
30613OpenEMR translation.inc.php GLOBALS[srcdir] Parameter Remote File Inclusion
30612OpenEMR import_xml.php srcdir Parameter Remote File Inclusion
30611OpenEMR facility_admin.php srcdir Parameter Remote File Inclusion
Hide | Show 19 More...
idDescription
30610OpenEMR user_info.php srcdir Parameter Remote File Inclusion
30609OpenEMR usergroup_admin.php srcdir Parameter Remote File Inclusion
30608OpenEMR facility_admin.php srcdir Parameter Remote File Inclusion
30607OpenEMR front_receipts_report.php srcdir Parameter Remote File Inclusion
30606OpenEMR players_report.php srcdir Parameter Remote File Inclusion
30605OpenEMR custom_report_range.php srcdir Parameter Remote File Inclusion
30604OpenEMR logout.php srcdir Parameter Remote File Inclusion
30603OpenEMR ins_search.php srcdir Parameter Remote File Inclusion
30602OpenEMR new_patient_save.php srcdir Parameter Remote File Inclusion
30601OpenEMR main.php srcdir Parameter Remote File Inclusion
30600OpenEMR main_info.php srcdir Parameter Remote File Inclusion
30599OpenEMR interface/login/login.php srcdir Parameter Remote File Inclusion
30598OpenEMR batchcom.php srcdir Parameter Remote File Inclusion
30597OpenEMR login.php srcdir Parameter Remote File Inclusion
30596OpenEMR print_billing_report.php srcdir Parameter Remote File Inclusion
30595OpenEMR billing_report_xml.php srcdir Parameter Remote File Inclusion
30594OpenEMR billing_report.php srcdir Parameter Remote File Inclusion
30593OpenEMR billing_process.php srcdir Parameter Remote File Inclusion
26231OpenEMR C_FormEvaluation.class.php fileroot Parameter Remote File Inclusion

Milw0rm Exploits

idDescription
2006-11-06OpenEMR <= 2.8.1 (srcdir) Multiple Remote File Inclusion Vulnerabilities
2006-06-07OpenEMR <= 2.8.1 (fileroot) Remote File Include Vulnerability

OpenVAS Exploits

idDescription
2012-02-02Name : OpenEMR Local File Include and Command Injection Vulnerabilities
File : nvt/gb_openemr_51788.nasl

Nessus® Vulnerability Scanner

idDescription
2006-06-09Name : The remote web server contains a PHP application that is prone to a remote fi...
File : openemr_fileroot_file_include.nasl - Type : ACT_ATTACK