Variable Overwrite Vulnerability in OpenEMR by OpenEMR, Inc.
CVE-2007-0649

Currently unrated

Key Information:

Vendor

Openemr

Status
Openemr
Vendor
CVE Published:
1 February 2007

What is CVE-2007-0649?

A variable overwrite vulnerability identified in OpenEMR 2.8.2 and earlier versions allows remote attackers to manipulate program variables. This could facilitate unauthorized actions, including remote file inclusion through the 'srcdir' parameter in 'custom/import_xml.php' and cross-site scripting through the 'rootdir' parameter in 'interface/login/login_frame.php'. The vulnerability arises from unvalidated inputs processed through the POST and GET superglobal arrays, highlighting the need for secure coding practices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/458565/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://attrition.org/pipermail/vim/2007-January/001254.html
mailing-listx_refsource_VIM
http://www.securityfocus.com/archive/1/458456/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.