Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

OpenEMR

Source -

CNA

CNA CVEs -

9

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
9Vulnerabilities found
CVE-2013-10044
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.20% / 42.25%
||
7 Day CHG~0.00%
Published-01 Aug, 2025 | 20:46
Updated-06 Aug, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenEMR ≤ 4.1.1 SQL Injection Privilege Escalation and RCE

An authenticated SQL injection vulnerability exists in OpenEMR ≤ 4.1.1 Patch 14 that allows a low-privileged attacker to extract administrator credentials and subsequently escalate privileges. Once elevated, the attacker can exploit an unrestricted file upload flaw to achieve remote code execution, resulting in full compromise of the application and its host system.

Action-Not Available
Vendor-OpenEMR Foundation
Product-OpenEMR
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2020-13567
Assigner-Talos
ShareView Details
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.05% / 16.55%
||
7 Day CHG~0.00%
Published-18 Apr, 2022 | 16:15
Updated-15 Apr, 2025 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-phpgacl_projectphpGACLOpenEMR Foundation, Inc
Product-openemrphpgaclphpGACLOpenEMR
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2020-13569
Assigner-Talos
ShareView Details
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-1.00% / 76.09%
||
7 Day CHG~0.00%
Published-28 Jan, 2021 | 12:28
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-n/aOpenEMR Foundation, Inc
Product-openemr OpenEMR
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2019-3968
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-60.73% / 98.23%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 18:01
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OpenEMR 5.0.1 and earlier, an authenticated attacker can execute arbitrary commands on the host system via the Scanned Forms interface when creating a new form.

Action-Not Available
Vendor-n/aOpenEMR Foundation, Inc
Product-openemrOpenEMR
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-3967
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-6.5||MEDIUM
EPSS-34.35% / 96.85%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 17:56
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OpenEMR 5.0.1 and earlier, the patient file download interface contains a directory traversal flaw that allows authenticated attackers to download arbitrary files from the host system.

Action-Not Available
Vendor-n/aOpenEMR Foundation, Inc
Product-openemrOpenEMR
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2019-3966
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-6.1||MEDIUM
EPSS-34.93% / 96.89%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 17:56
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the foreign_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session.

Action-Not Available
Vendor-n/aOpenEMR Foundation, Inc
Product-openemrOpenEMR
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-3965
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-6.1||MEDIUM
EPSS-34.93% / 96.89%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 17:56
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the document_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session.

Action-Not Available
Vendor-n/aOpenEMR Foundation, Inc
Product-openemrOpenEMR
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-3964
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-6.1||MEDIUM
EPSS-26.73% / 96.16%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 17:55
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the doc_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session.

Action-Not Available
Vendor-n/aOpenEMR Foundation, Inc
Product-openemrOpenEMR
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-3963
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-6.1||MEDIUM
EPSS-26.73% / 96.16%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 17:55
Updated-04 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the patient_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session.

Action-Not Available
Vendor-n/aOpenEMR Foundation, Inc
Product-openemrOpenEMR
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')