Vulnerabilities > Openclinic GA Project

DATE CVE VULNERABILITY TITLE RISK
2021-05-10 CVE-2020-27231 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application.
network
low complexity
openclinic-ga-project CWE-89
6.5
6.5
2021-04-19 CVE-2020-27241 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3.
network
low complexity
openclinic-ga-project CWE-89
7.5
7.5
2021-04-19 CVE-2020-27240 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3.
network
low complexity
openclinic-ga-project CWE-89
7.5
7.5
2021-04-15 CVE-2020-27239 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3.
network
low complexity
openclinic-ga-project CWE-89
7.5
7.5
2021-04-15 CVE-2020-27238 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3.
network
low complexity
openclinic-ga-project CWE-89
7.5
7.5
2021-04-15 CVE-2020-27237 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3.
network
low complexity
openclinic-ga-project CWE-89
7.5
7.5
2021-04-13 CVE-2020-27236 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the compnomenclature parameter.
network
low complexity
openclinic-ga-project CWE-89
7.5
7.5
2021-04-13 CVE-2020-27235 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the description parameter.
network
low complexity
openclinic-ga-project CWE-89
7.5
7.5
2021-04-13 CVE-2020-27234 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the serviceUID parameter.
network
low complexity
openclinic-ga-project CWE-89
7.5
7.5
2021-04-13 CVE-2020-27233 SQL Injection vulnerability in Openclinic GA Project Openclinic GA 5.173.3
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the supplierUID parameter.
network
low complexity
openclinic-ga-project CWE-89
7.5
7.5