CVE-2024-22611

Name of the Vulnerable Software and Affected Versions OpenEMR version 7.0.2

Description The issue is related to SQL Injection. It affects files such as openemrlibraryclassesPharmacy.class.php, controllersC Pharmacy.class.php, and openemrcontroller.php.

Recommendations For OpenEMR version 7.0.2, consider restricting access to the affected files until a patch is available. As a temporary workaround, review and modify the code in openemrlibraryclassesPharmacy.class.php, controllersC Pharmacy.class.php, and openemrcontroller.php to prevent SQL Injection attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.