Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Nosh Chartingsystem Project Subscribe
Filtered by product Nosh Chartingsystem
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-24610 1 Nosh Chartingsystem Project 1 Nosh Chartingsystem 2024-11-21 N/A 8.8 HIGH
NOSH 4a5cfdb allows remote authenticated users to execute PHP arbitrary code via the "practice logo" upload feature. The client-side checks can be bypassed. This may allow attackers to steal Protected Health Information because the product is for health charting.
CVE-2023-24065 1 Nosh Chartingsystem Project 1 Nosh Chartingsystem 2024-11-21 N/A 5.4 MEDIUM
NOSH 4a5cfdb allows stored XSS via the create user page. For example, a first name (of a physician, assistant, or billing user) can have a JavaScript payload that is executed upon visiting the /users/2/1 page. This may allow attackers to steal Protected Health Information because the product is for health charting.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024