
OpenClinic GA is described as an “integrated hospital information management system covering management of administrative, financial, clinical, lab, x-ray, pharmacy, meals distribution and other data.” The product is used worldwide and it has been downloaded nearly 120,000 times from SourceForge.
Brian Hysell, a senior consultant at the Synopsys Software Integrity Group, discovered that the software is affected by a dozen vulnerabilities, most of which have been classified as critical or high severity based on their CVSS score. The flaws can be exploited to bypass access controls and account protections, obtain sensitive information, upload and execute arbitrary files, and execute arbitrary code or commands.