Unrated severityNVD Advisory· Published Sep 9, 2012· Updated Jun 16, 2026
CVE-2011-5161
CVE-2011-5161
Description
Unrestricted file upload vulnerability in the patient photograph functionality in OpenEMR 4 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the patient directory under documents/.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.