← back
CVE-2018-17179

CVE-2018-17179

EPSS 11.9%
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 11.9%KEV nãoPoC Nuclei Metasploit simPatch
Lifecycle
17 May 2019Metasploit module available
17 May 2019Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the make_task function in /interface/forms/eye_mag/php/taskman_functions.php via /interface/forms/eye_mag/taskman.php.
Affected products
n/a · n/a