CVE-2023-22974

Publication date

2023-02-22 00:00:00

Family

mitre

State

PUBLISHED

Description

A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.