Openemr · Openemr · CVE-2019-14530
**Name of the Vulnerable Software and Affected Versions**
OpenEMR versions prior to 5.0.2
**Description**
An issue was discovered in the custom/ajax_download.php file via the `fileName` parameter, allowing an attacker to download any file on server storage that is readable by the www-data user. If the requested file is also writable by the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, the file is deleted from the server after the download.
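The root cause described above is a download endpoint that passes a user-controlled `fileName` to the filesystem without confining it to an allowed directory, and then removes the file. The following is an added example (not OpenEMR's own code) of how such an endpoint can be hardened: the requested name is resolved with `realpath()`, checked to lie inside a single documents root, and served without any delete step. The documents root path, the function names and the `dl_demo_` temporary directory used by the CLI self-check are assumptions for the example.

```php
<?php
// Added example, not OpenEMR code: a hardened handler for a download
// endpoint that takes a ?fileName= query parameter.
declare(strict_types=1);

// Directory the endpoint may serve from (assumed value for this example).
const DOCUMENTS_ROOT = '/var/www/openemr/sites/default/documents';

/**
 * Resolve a user-supplied file name to an absolute path inside $root.
 * Returns null when the name is empty, contains a NUL byte, does not
 * resolve to an existing regular file, or resolves outside $root.
 */
function resolveDownloadPath(string $fileName, string $root = DOCUMENTS_ROOT): ?string
{
    if ($fileName === '' || strpos($fileName, "\0") !== false) {
        return null;
    }
    $rootReal = realpath($root);
    if ($rootReal === false) {
        return null;
    }
    // realpath() collapses "../" segments and follows symlinks, so the
    // containment check sees the real target rather than the spelled path.
    $candidate = realpath($rootReal . DIRECTORY_SEPARATOR . $fileName);
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }
    $prefix = rtrim($rootReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null; // resolved outside the allowed directory
    }
    return $candidate;
}

/**
 * Stream the resolved file to the client. The file is never unlinked here;
 * any cleanup must be a separate, explicitly authorised action.
 */
function serveDownload(string $fileName): void
{
    $path = resolveDownloadPath($fileName);
    if ($path === null) {
        http_response_code(404);
        exit('Not found');
    }
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . basename($path) . '"');
    header('Content-Length: ' . (string) filesize($path));
    readfile($path);
}

if (PHP_SAPI === 'cli') {
    // Self-check against a constructed temporary directory (assumed name prefix).
    $tmp = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'dl_demo_' . bin2hex(random_bytes(4));
    mkdir($tmp);
    file_put_contents($tmp . DIRECTORY_SEPARATOR . 'report.pdf', 'demo');
    var_dump(resolveDownloadPath('report.pdf', $tmp) !== null);       // in-root file: allowed
    var_dump(resolveDownloadPath('../../etc/passwd', $tmp) === null); // traversal: rejected
    var_dump(resolveDownloadPath('missing.pdf', $tmp) === null);      // absent file: rejected
    unlink($tmp . DIRECTORY_SEPARATOR . 'report.pdf');
    rmdir($tmp);
} else {
    serveDownload((string) ($_GET['fileName'] ?? ''));
}
```

Run under the CLI (`php example.php`) the script exercises only `resolveDownloadPath()` and prints three `bool(true)` checks; under a web server it serves the file. The containment check compares against the resolved root with a trailing separator so that a sibling directory whose name merely starts with the root's name is not accepted.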
**Recommendations**
For versions prior to 5.0.2, update to version 5.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the custom/ajax_download.php file and to the values accepted by its `fileName` parameter to minimize the risk of exploitation.