Vulnerabilities > Openclinic GA Project

DATE CVE VULNERABILITY TITLE RISK
2021-10-26 CVE-2021-37364 Incorrect Permission Assignment for Critical Resource vulnerability in Openclinic GA Project Openclinic GA 5.194.18
OpenClinic GA 5.194.18 is affected by Insecure Permissions.
local
low complexity
openclinic-ga-project CWE-732
7.8
2021-05-11 CVE-2020-27242 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application.
network
low complexity
openclinic-ga-project CWE-89
8.8
2021-05-11 CVE-2020-27243 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application.
network
low complexity
openclinic-ga-project CWE-89
8.8
2021-05-11 CVE-2020-27244 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application.
network
low complexity
openclinic-ga-project CWE-89
8.8
2021-05-11 CVE-2020-27245 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application.
network
low complexity
openclinic-ga-project CWE-89
8.8
2021-05-11 CVE-2020-27246 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application.
network
low complexity
openclinic-ga-project CWE-89
8.8
2021-05-10 CVE-2020-27232 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘manageServiceStocks.jsp’ page of OpenClinic GA 5.173.3.
network
low complexity
openclinic-ga-project CWE-89
8.8
2021-05-10 CVE-2020-27226 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘quickFile.jsp’ page of OpenClinic GA 5.173.3.
network
low complexity
openclinic-ga-project CWE-89
8.8
2021-05-10 CVE-2020-27229 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application.
network
low complexity
openclinic-ga-project CWE-89
8.8
2021-05-10 CVE-2020-27230 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application.
network
low complexity
openclinic-ga-project CWE-89
8.8