Vulnerabilities > Eclinicalworks

DATE	CVE	VULNERABILITY TITLE	RISK
2017-01-27	CVE-2017-5599	Cross-site Scripting vulnerability in Eclinicalworks Patient Portal 7.0 An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. network low complexity eclinicalworks CWE-79	6.1
2017-01-27	CVE-2017-5598	SQL Injection vulnerability in Eclinicalworks Patient Portal 8.0 An issue was discovered in eClinicalWorks healow@work 8.0 build 8. network low complexity eclinicalworks CWE-89	7.5
2017-01-23	CVE-2017-5570	SQL Injection vulnerability in Eclinicalworks Patient Portal 7.0 An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. network low complexity eclinicalworks CWE-89	8.8
2017-01-23	CVE-2017-5569	SQL Injection vulnerability in Eclinicalworks Patient Portal 7.0 An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. network low complexity eclinicalworks CWE-89 critical	9.8
2017-01-10	CVE-2015-4594	Session Fixation vulnerability in Eclinicalworks Population Health eClinicalWorks Population Health (CCMR) suffers from a session fixation vulnerability. network low complexity eclinicalworks CWE-384 critical	9.8
2017-01-10	CVE-2015-4593	Cross-Site Request Forgery (CSRF) vulnerability in Eclinicalworks Population Health eClinicalWorks Population Health (CCMR) suffers from a cross-site request forgery (CSRF) vulnerability in portalUserService.jsp which allows remote attackers to hijack the authentication of content administrators for requests that could lead to the creation, modification and deletion of users, appointments and employees. network low complexity eclinicalworks CWE-352	8.8
2017-01-10	CVE-2015-4592	SQL Injection vulnerability in Eclinicalworks Population Health eClinicalWorks Population Health (CCMR) suffers from an SQL injection vulnerability in portalUserService.jsp which allows remote authenticated users to inject arbitrary malicious database commands as part of user input. network low complexity eclinicalworks CWE-89	8.8
2017-01-10	CVE-2015-4591	Cross-site Scripting vulnerability in Eclinicalworks Population Health eClinicalWorks Population Health (CCMR) suffers from a cross site scripting vulnerability in login.jsp which allows remote unauthenticated users to inject arbitrary javascript via the strMessage parameter. network low complexity eclinicalworks CWE-79	6.1

Vulnerabilities > Eclinicalworks {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Eclinicalworks"}]}

Vulnerabilities > Eclinicalworks