c4v4r0n/Research

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-26476 ↗	Feb 28, 2024Wednesday, 28 February 2024, 22:15	3.5 LOW	—
An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted script to the formid parameter in the ereq_form.php component.
CVE-2023-49508 ↗	Feb 16, 2024Friday, 16 February 2024, 08:15	6.5 MEDIUM	—
Directory Traversal vulnerability in YetiForceCompany YetiForceCRM versions 6.4.0 and before allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component.