Security Advisory

CVE-2020-36243

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-02-07 19:59:50

Last updated 2024-08-04 17:23:09

Assigner mitre

State PUBLISHED

Description

The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in /interface/main/backup.php. To exploit the vulnerability, an authenticated attacker can send a POST request that executes arbitrary OS commands via shell metacharacters.

← Browse all CVEs View on cve.org ↗