Security Advisory

CVE-2023-22974

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-02-22 00:00:00
Last updated 2025-03-12 14:50:14
Assigner mitre
State PUBLISHED

Description

A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.