VYPR
High severity8.8OSV Advisory· Published Aug 15, 2018· Updated Jun 17, 2026

CVE-2018-15151

CVE-2018-15151

Description

SQL injection vulnerability in interface/de_identification_forms/find_code_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'search_term' parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Openemr/OpenemrOSV2 versions
    v2_7_2, v2_7_2-rc1, v2_7_2-rc2, …+ 1 more
    • (no CPE)range: v2_7_2, v2_7_2-rc1, v2_7_2-rc2, …
    • (no CPE)range: <5.0.1.4

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.