search

openemr

hashtag
Default Creds

admin:pass

hashtag
Interesting Paths

# version check
/admin.php

# db information
/gacl/setup.php

# register page
/portal/account/register.php

# db creds
/sql/defaults.sql
/sites/default/sqlconf.php

hashtag
Enable patient portal

Note: most exploit db require this

Logged in > Administration > Globals > Portal > Enable Version 2 Onsite Patient Portal

hashtag
RCE (authenticated)

v5.0.1.x

hashtag
multiple SQLi

v5.0.1.3

PreviousopendocmanNextopensmtpd

Last updated