SQL injection vulnerability in interface/de_identification_forms/find_code_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'search_term' parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-08-15T17:00:00
Updated: 2024-08-05T09:46:25.370Z
Reserved: 2018-08-07T00:00:00
Link: CVE-2018-15151
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-08-15T17:29:01.610
Modified: 2018-10-12T13:11:05.933
Link: CVE-2018-15151
Redhat
No data.