VYPR
High severity8.8OSV Advisory· Published Dec 20, 2018· Updated Jun 17, 2026

CVE-2018-1000839

CVE-2018-1000839

Description

LH-EHR version REL-2_0_0 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. This attack appear to be exploitable via Uploading a PHP file with image MIME type.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • LibreHealth/Lh EhrOSV2 versions
    EventPlanning, INTERN, REL-2_0_0, …+ 1 more
    • (no CPE)range: EventPlanning, INTERN, REL-2_0_0, …
    • (no CPE)range: =REL-2_0_0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.