CVE-2018-15139-Exploit
Exploit Title: OpenEMR < 5.0.1.4 - Remote Code Execution (Authenticated)
CVE description:
Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.
ExploitDB:
Exploit Description:
OpenEMR is vulnerable to an unrestricted file upload in super/manage_site_files.php. This is due to improper (non-existent) checks on the file submitted by the administrator. An authenticated user could use this vulnerability to escalate their privileges by uploading a PHP web shell to execute system commands.
- Vendor Homepage: https://www.open-emr.org/
- Software Link: https://github.com/openemr/openemr/archive/refs/tags/v5_0_1_3.zip
- Version: Prior to 5.0.1.4
- Tested on Ubuntu 18.04
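For defenders, the upload-then-access pattern in the CVE description can be looked for in web server access logs. The following is an added detection example, not code from this repository or from OpenEMR. It assumes combined log format and that the images directory appears in request paths as `/images/`. The log lines, IP addresses, file names and the `/openemr/sites/default/` prefix are constructed sample data.

```python
import re
from urllib.parse import urlsplit

# Endpoint named in the CVE description.
UPLOAD_ENDPOINT = "interface/super/manage_site_files.php"
# Assumption: extensions the web server passes to the PHP interpreter.
PHP_EXT = re.compile(r"\.(php\d?|phtml|phar)(/|$)", re.IGNORECASE)
# Combined log format: ip ident user [time] "METHOD uri PROTO" status ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')


def find_php_in_images(lines, images_marker="/images/"):
    """Flag requests for PHP files under the images directory.

    Returns (line_no, client_ip, path, status, after_upload) tuples, where
    after_upload is True if the same client earlier POSTed to the upload form.
    """
    uploaders = set()
    findings = []
    for line_no, line in enumerate(lines, 1):
        m = LINE.match(line)
        if not m:
            continue  # not a combined-format request line
        ip, method, uri, status = m.groups()
        path = urlsplit(uri).path  # drop the query string before matching
        if method == "POST" and path.endswith(UPLOAD_ENDPOINT) and int(status) < 400:
            uploaders.add(ip)
        elif images_marker in path.lower() and PHP_EXT.search(path):
            findings.append((line_no, ip, path, int(status), ip in uploaders))
    return findings


# Constructed sample log lines (documentation IP ranges, made-up file names).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /openemr/interface/login/login.php HTTP/1.1" 200 4210',
    '192.0.2.10 - - [01/Jan/2024:10:00:05 +0000] "POST /openemr/interface/super/manage_site_files.php HTTP/1.1" 200 5120',
    '192.0.2.10 - - [01/Jan/2024:10:00:06 +0000] "GET /openemr/sites/default/images/logo.png HTTP/1.1" 200 9000',
    '192.0.2.10 - - [01/Jan/2024:10:00:09 +0000] "GET /openemr/sites/default/images/example.php?x=1 HTTP/1.1" 200 17',
    '198.51.100.7 - - [01/Jan/2024:10:02:00 +0000] "GET /openemr/sites/default/images/example.PHP HTTP/1.1" 404 210',
]

if __name__ == "__main__":
    for finding in find_php_in_images(SAMPLE_LOG):
        print(finding)
```

Any finding warrants review, since an images directory has no reason to serve PHP; a finding with `after_upload` set and a 200 status matches the sequence in the CVE description most closely.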


