High severity8.8OSV Advisory· Published Aug 20, 2018· Updated Jun 17, 2026
CVE-2018-1000646
CVE-2018-1000646
Description
LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in write files with malicious content and may lead to remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2EventPlanning, INTERN, REL-2_0_0, …+ 1 more
- (no CPE)range: EventPlanning, INTERN, REL-2_0_0, …
- (no CPE)range: = REL-2.0.0
Patches
Vulnerability mechanics
References
2- 0dd.zone/2018/08/07/lh-ehr-Authenticated-File-Write/nvdExploitThird Party Advisory
- github.com/LibreHealthIO/lh-ehr/issues/1211nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.