CVE-2021-41843

MEDIUM

OpenEMR 6.0.0 - Authenticated SQL Injection via Calendar Search Provider ID Parameter

Title source: llm

Description

An authenticated SQL injection issue in the calendar search function of OpenEMR 6.0.0 before patch 3 allows an attacker to read data from all tables of the database via the parameter provider_id, as demonstrated by the /interface/main/calendar/index.php?module=PostCalendar&func=search URI.

References (4)

Core 4

Core References

Exploit, Third Party Advisory x_refsource_misc

https://trovent.io/security-advisory-2109-01

Exploit, Third Party Advisory x_refsource_misc

https://trovent.github.io/security-advisories/TRSA-2109-01/TRSA-2109-01.txt

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/165301/OpenEMR-6.0.0-6.1.0-dev-SQL-Injection.html

Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2021/Dec/38

Scores

CVSS v3 6.5

EPSS 0.0018

EPSS Percentile 39.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-89

Status published

Products (1)

open-emr/openemr 6.0.0 (3 CPE variants)

Published Dec 17, 2021

Tracked Since Feb 18, 2026