Explore Vulnerabilities

Explore all Exploits:

Care2x 2.7 (HIS) Hospital Information system – Multiples SQL Injection

Care2x is a PHP-based hospital information system. It features complete clinical flow management, laboratory management, patient records, multi-user support with permissions, stock management, accounting and billing management, PACS integration and a DICOM viewer. Care2x also provides other features, such as CCTV integration, which has not been seen in other open source HIS. It is written in PHP version 5.x and is vulnerable to SQL injection. The vulnerability allows an unauthenticated remote attacker to execute arbitrary SQL commands and obtain private information. Valid admin or user credentials aren't required. Deeper analysis shows that other pages are also affected by the vulnerability through the same input. The 'ck_config' cookie parameter is vulnerable at multiple URLs, listed below:

http://192.168.0.108/main/login.php [parameter affected: ck_config cookie] (without authentication)
/main/indexframe.php [parameter affected: ck_config cookie]
/main/op-doku.php [parameter affected: ck_config cookie]
/main/spediens.php [parameter affected: ck_config cookie]
/modules/ambulatory/ambulatory.php [parameter affected: ck_config cookie]
/modules/fotolab/fotolab_pass.php [parameter affected: ck_config cookie]
/modules/laboratory/labor.php [parameter affected: ck_config cookie]
/modules/med_depot/medlager.php [parameter affected: ck_config cookie]
/modules/news/headline-read.php [parameter affected: nr parameter]
/modules/news/newscolumns.php [parameter affected: dept_nr parameter]
/modules/news/start_page.php [parameter affected: sid cookie]
/modules/nursing/nursing-fastview.php [parameter affected: ck_confi

BEWARD Intercom 2.3.1 Credentials Disclosure

The application stores logs and sensitive information in an unencrypted binary file called BEWARD.INTERCOM.FDB. A local attacker that has access to the current user session can successfully disclose plain-text credentials that can be used to bypass authentication to the affected IP camera and door station and bypass access control in place.

R 3.4.4 – Local Buffer Overflow (Windows XP SP3)

This exploit triggers a local buffer overflow in R version 3.4.4 on Windows XP SP3. The exploit author, Dino Covotsos from Telspace Systems, has produced a proof-of-concept (PoC) that demonstrates the vulnerability. The exploit does not require SEH exploitation and has been tested on Windows XP Prof SP3 ENG x86.

CMSsite 1.0 – SQL injection

The CMSsite 1.0 web application is vulnerable to SQL injection in the 'category.php' file. The 'cat_id' parameter is not properly sanitized, allowing an attacker to inject malicious SQL queries. By exploiting this vulnerability, an attacker can execute arbitrary SQL commands and potentially gain unauthorized access to the database.

AirTies Air5341 1.0.0.12 Modem CSRF Exploit & PoC

This exploit allows an attacker to perform Cross-Site Request Forgery (CSRF) attacks on AirTies Air5341 1.0.0.12 Modems. By tricking a user into clicking on a malicious link, the attacker can perform unauthorized actions on behalf of the user, such as changing the modem settings or stealing sensitive information.

MySQL User-Defined (Linux) x32 / x86_64 sys_exec function local privilege escalation exploit

This exploit takes advantage of a vulnerability in MySQL 4.x/5.x on Linux systems to escalate privileges locally. It uses a user-defined function (UDF) to execute arbitrary shellcode. The exploit is based on the raptor_udf.c exploit by Marco Ivaldi.

Recent Exploits: