Skip to content

One brick to the IT world

@manfromkz

  • Home
  • About
  • Contact

Tag: open source

Interesting case with code execution in Nmap

About remote code execution vector in Nmap that was found in web site for system administrators.

Published August 2, 2022
Categorized as Research Tagged nmap, open source, rce, research

Multiple vulnerabilities in LibreHealth EHR 2.0.0 part 2

During an internship at NitroTeam.kz, my students found several vulnerabilities in LibreHealth: Broken Access Control (CVE-2022-31496), Cross-Site Scripting (CVE-2022-31492, CVE-2022-31493, CVE-2022-31494, CVE-2022-31495, CVE-2022-31497, CVE-2022-31498).

Published June 2, 2022
Categorized as PHP, Research Tagged librehealth, open source, php, research, xss

Multiple vulnerabilities in LibreHealth EHR 2.0.0

I have found several vulnerabilities in open-source system LibreHealth EHR 2.0.0. More precisely 1 SQL-injection (CVE-2022-29938) and 2 Cross-site scripting (XSS) (CVE-2022-29939, CVE-2022-29940) vulnerabilities.

Published May 4, 2022
Categorized as PHP, Research Tagged cross-site script, librehealth, open source, OpenEMR, SQL-injection, xss, zero-day

CVE-2021-34187. Unauthenticated SQL injection in Chamilo LMS 1.11.x and (dev version of) 2.0

Lack of sanitization of GET-parameters searchField, filters, filters2 in /main/inc/ajax/model.ajax.php leads to the multiple unauthorized SQL injections in Chamilo LMS 1.11.x and (dev version of) 2.0

Published June 20, 2021
Categorized as PHP, Research Tagged chamilo, open source, research, SQL-injection

CVE-2020-29143. SQL injection vulnerability in OpenEMR 6.0.0-dev, 5.0.2(5)

Ineffective use of add_escape_custom() in interface/reports/non_reported.php leads to SQL injection in OpenEMR 6.0.0-dev, 5.0.2(5).

Published February 15, 2021
Categorized as PHP, Research Tagged open source, OpenEMR, research, SQL-injection

CVE-2020-29142. SQL injection vulnerability in OpenEMR 6.0.0-dev, 5.0.2(5)

Ineffective use of add_escape_custom() in interface/usergroup/usergroup_admin.php leads to SQL injection in OpenEMR 6.0.0-dev, 5.0.2(5).

Published February 15, 2021
Categorized as PHP, Research Tagged open source, OpenEMR, research, SQL-injection

CVE-2020-29140. SQL injection vulnerability in OpenEMR 6.0.0-dev, 5.0.2(5)

Ineffective use of add_escape_custom() in interface/reports/immunization_report.php leads to SQL injection in OpenEMR 6.0.0-dev, 5.0.2(5).

Published February 15, 2021
Categorized as PHP, Research Tagged open source, OpenEMR, research, SQL-injection

CVE-2020-29139. SQL injection vulnerability in OpenEMR 6.0.0-dev, 5.0.2(5)

Ineffective use of add_escape_custom() in library/patient.inc leads to SQL injection in OpenEMR 6.0.0-dev, 5.0.2(5).

Published February 15, 2021
Categorized as PHP, Research Tagged open source, OpenEMR, research, SQL-injection

Recent Posts

  • My speeches at OpenSysConf’22 and BeetechConf’23
  • SSRF vulnerability in the Tumbler plugin of XFCE
  • Interesting case with code execution in Nmap
  • Multiple vulnerabilities in LibreHealth EHR 2.0.0 part 2
  • Multiple vulnerabilities in LibreHealth EHR 2.0.0

Recent Comments

  • nomi on Review of PHP backdoors

Categories

  • CTF (2)
  • PHP (9)
  • Research (12)
  • Uncategorized (6)
One brick to the IT world
Proudly powered by WordPress.