CVE-2013-10044 – OpenEMR SQL Injection and Unrestricted File Upload Vulnerability

August 1, 2025

CVE ID : CVE-2013-10044

Published : Aug. 1, 2025, 9:15 p.m. | 2 hours, 19 minutes ago

Description : An authenticated SQL injection vulnerability exists in OpenEMR ≤ 4.1.1 Patch 14 that allows a low-privileged attacker to extract administrator credentials and subsequently escalate privileges. Once elevated, the attacker can exploit an unrestricted file upload flaw to achieve remote code execution, resulting in full compromise of the application and its host system.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2013-10046 – Agnitum Outpost Internet Security Named Pipe Privilege Escalation Vulnerability

Next Article CVE-2012-10022 – Kloxo Setuid Root Privilege Escalation

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

CVE-2013-10044 – OpenEMR SQL Injection and Unrestricted File Upload Vulnerability

Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October

Google Confirms Salesforce Database Breach by ShinyHunters Group

CVE-2025-7904 – iSourcecode Insurance Management System SQL Injection Vulnerability

Stopping malaria in its tracks

ONLYOFFICE 9.0 Released with New Themes, AI Tools + More

Your Google Home just got 5 exciting upgrades for free – how to try them

Keila is a newsletter tool

Linux Sudo chroot Vulnerability Enables Hackers to Elevate Privileges to Root

The New Minimum Standard for Modern Editors

Optimizing Website Design Widths for a Multi-Device World

CVE-2013-10044 – OpenEMR SQL Injection and Unrestricted File Upload Vulnerability

Related Posts