Openclinic Project Openclinic — known CVE vulnerabilities
Every CVE whose affected-product data names Openclinic Project Openclinic, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2020-28937 — CVSS 7.5 (high): OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's…
CVE-2020-20444 — CVSS 7.2 (high): Jact OpenClinic 0.8.20160412 allows the attacker to read server files after login to the the admin account by an infected 'file' GET…
CVE-2020-28939 — CVSS 7.2 (high): OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated…
CVE-2020-28938 — CVSS 5.4 (medium): OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions…