myCare2x Cross-Site Scripting and SQL Injection
myCare2x Cross-Site Scripting and SQL Injection Vulnerabilities
Release Date : 2012-05-04
Criticality level : Moderately critical
Impact : Cross Site Scripting
Manipulation of data
Where : From remote
Solution Status : Unpatched
Multiple vulnerabilities have been reported in myCare2x, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
1) Input passed via the "lang" parameter to modules/patient/mycare2x_pat_info.php, the "dept_nr" and "pid" parameters to modules/importer/mycare2x_importer.php, and the "pid" and "name_last" parameters to modules/patient/mycare_pid.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
2) Input passed via the "name_last", "name_first", "name_middle", and "name_maiden" parameters to modules/patient/mycare_pid.php, the "favorites" and "lang" parameters to modules/nursing/mycare_ward_print.php, the "aktion" and "callurl" parameters to modules/patient/mycare2x_pat_info.php, and the "ln" parameter to modules/drg/mycare2x_proc_search.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Filter malicious characters and character sequences using a proxy.
Provided and/or discovered by: