Heshamm1

**Name of the Vulnerable Software and Affected Versions** OpenEMR versions prior to 8.0.0 **Description** OpenEMR is an electronic health records and medical practice management application. A flaw exists where authenticated users, even those with limited privileges, can access EDI log files. This is due to insufficient access controls on the `edih main.php` API endpoint. Specifically, manipulating the `log select` parameter in a GET request bypasses role-based access control (RBAC), allowing unauthorized access to sensitive system logs. **Recommendations** Update to version 8.0.0 or later.

**Name of the Vulnerable Software and Affected Versions** OpenEMR versions prior to 8.0.0 **Description** OpenEMR is an electronic health records and medical practice management application. Versions of the application prior to 8.0.0 contain an access control flaw. This flaw allows users with limited privileges, such as receptionists, to export a complete message list that includes sensitive patient and user data. The issue is located in the `message list.php` report export functionality, which lacks proper permission checks before executing database queries. The existing CSRF token verification is insufficient to prevent unauthorized data access if the token is compromised. **Recommendations** Update to version 8.0.0 or later.

**Name of the Vulnerable Software and Affected Versions** OpenEMR versions prior to 8.0.0 **Description** A Broken Access Control issue exists in the OpenEMR order types management system. Low-privilege users, such as Receptionists, can add and modify procedure types without proper authorization. This is due to insufficient access controls in the `/openemr/interface/orders/types edit.php` API endpoint. The vulnerability allows unauthorized manipulation of medical procedure types. **Recommendations** Update to version 8.0.0 or later.