Vulnerabilities > Care2X
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-26 | CVE-2021-36352 | Cross-site Scripting vulnerability in Care2X Hospital Information Management 2.7 Stored cross-site scripting (XSS) vulnerability in Care2x Hospital Information Management 2.7 Alpha. | 3.5 |
2021-08-06 | CVE-2021-36351 | SQL Injection vulnerability in Care2X Hospital Information Management System SQL Injection Vulnerability in Care2x Open Source Hospital Information Management 2.7 Alpha via the (1) pday, (2) pmonth, and (3) pyear parameters in GET requests sent to /modules/nursing/nursing-station.php. | 7.5 |
2007-10-12 | CVE-2007-5418 | Code Injection vulnerability in Care2X 2G 2.2 Multiple PHP remote file inclusion vulnerabilities in CARE2X 2G 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) en_copyrite.php, (2) vi_copyrite.php, and (3) ar_copyrite.php in language/ directories; (4) class_access.php, (5) class_department.php, (6) class_config.php, (7) class_image.php, (8) class_ward.php, and (9) class_product.php in include/care_api_classes/; (10) gui/smarty_template/smarty_care.class.php; and possibly other components, different vectors than CVE-2007-1458. | 7.5 |
2007-03-21 | CVE-2007-1574 | Remote Security vulnerability in CARE2X CARE2X 2.2, and possibly earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. | 5.0 |
2007-03-14 | CVE-2007-1458 | Remote File Include vulnerability in Care2X 1.1 Multiple PHP remote file inclusion vulnerabilities in CARE2X 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) inc_checkdate_lang.php, (2) inc_charset_fx.php, (3) inc_config_color.php, (4) inc_currency_set.php, (5) inc_db_makelink.php, (6) inc_diagnostics_report_fx.php, (7) inc_environment_global.php, (8) inc_front_chain_lang.php, (9) inc_init_crypt.php, (10) inc_load_copyrite.php, or (11) inc_news_save.php in include/; (12) diagnostics-report-index.php, (13) config_options_mascot.php, (14) barcode-labels.php, (15) chg-color.php, or (16) config_options_gui_template.php in main/; or unspecified other files. network care2x | 6.8 |