Phpgaclproject Phpgacl
By the Year
In 2024 there have been 0 vulnerabilities in Phpgaclproject Phpgacl . Phpgacl did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 1 | 9.80 |
2021 | 6 | 7.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Phpgacl vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Phpgaclproject Phpgacl Security Vulnerabilities
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7
CVE-2020-13567
9.8 - Critical
- April 18, 2022
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
SQL Injection
SQL injection vulnerabilities exist in phpGACL 3.3.7
CVE-2020-13566
8.8 - High
- April 13, 2021
SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability In admin/edit_group.php, when the POST parameter action is Delete, the POST parameter delete_group leads to a SQL injection.
SQL Injection
SQL injection vulnerability exists in phpGACL 3.3.7
CVE-2020-13568
8.8 - High
- April 13, 2021
SQL injection vulnerability exists in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability in admin/edit_group.php, when the POST parameter action is Submit, the POST parameter parent_id leads to a SQL injection.
SQL Injection
An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7
CVE-2020-13565
6.1 - Medium
- February 10, 2021
An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can redirect users to an arbitrary URL. An attacker can provide a crafted URL to trigger this vulnerability.
Open Redirect
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7
CVE-2020-13564
6.1 - Medium
- February 01, 2021
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template acl_id parameter.
XSS
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7
CVE-2020-13563
6.1 - Medium
- February 01, 2021
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template group_id parameter.
XSS
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7
CVE-2020-13562
6.1 - Medium
- February 01, 2021
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnaerability in the phpGACL template action parameter.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Open Emr Openemr or by Phpgaclproject? Click the Watch button to subscribe.