A Path Traversal in setup.php in OpenEMR < 7.0.0 allows...
High severity
Unreviewed
Published
Feb 22, 2023
to the GitHub Advisory Database
•
Updated Mar 10, 2023
Description
Published by the National Vulnerability Database
Feb 22, 2023
Published to the GitHub Advisory Database
Feb 22, 2023
Last updated
Mar 10, 2023
A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.
References