CVE-2016-6272

EPSS 6.48% · P91 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2016-6272

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

XPath injection vulnerability in Epic MyChart allows remote attackers to access contents of an XML document containing static display strings, such as field labels, via the topic parameter to help.asp. NOTE: this was originally reported as a SQL injection vulnerability, but this may be inaccurate.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

EPIC MyChart SQL注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

EPIC MyChart是意大利EPIC公司的一套用于医疗体系的患者管理软件。该软件支持患者资料管理和在线预约等功能。 EPIC MyChart中存在SQL注入漏洞。远程攻击者可通过向help.asp文件发送‘topic’参数利用该漏洞执行任意的SQL命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2016-6272

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2016-6272

请登录查看更多情报信息。

http://packetstormsecurity.com/files/146418/EPIC-MyChart-SQL-Injection.htmlx_refsource_MISC
https://www.exploit-db.com/exploits/44098/exploitx_refsource_EXPLOIT-DB
https://nvd.nist.gov/vuln/detail/CVE-2016-6272

Same Patch Batch · n/a · 2018-02-20 · 27 CVEs total

CVE-2018-6356		CloudBees Jenkins和Jenkins LTS 路径遍历漏洞
CVE-2018-7259		Flight Sim Labs A320-X FSX / P3Dv4 installer 信息泄露漏洞
CVE-2017-18192		Photo,Video Locker-Calculator application for Android 信息泄露漏洞
CVE-2017-16835		Photo,Video Locker-Calculator application for Android 信息泄露漏洞
CVE-2015-9256		Datto ALTO和SIRIS devices 信息泄露漏洞
CVE-2015-9255		Datto ALTO和SIRIS devices 信息泄露漏洞
CVE-2015-9254		Datto ALTO和SIRIS devices 安全漏洞
CVE-2015-2081		Datto ALTO和SIRIS devices 输入验证漏洞
CVE-2018-7205		Kentico 跨站脚本漏洞
CVE-2018-7046		Kentico 操作系统命令注入漏洞
CVE-2018-6941		NAT32 HTTPD组件跨站请求伪造漏洞
CVE-2018-6940		NAT32 HTTPD组件跨站脚本漏洞
CVE-2018-6459		strongSwan 安全漏洞
CVE-2017-12415		OXID eSales OXID eShop 跨站请求伪造漏洞
CVE-2017-16356		Kubik-Rubik SIGE 跨站脚本漏洞
CVE-2017-6193		APNGDis 缓冲区错误漏洞
CVE-2017-6192		APNGDis 缓冲区错误漏洞
CVE-2018-5477		ABB netCADOPS Web Application 信息泄露漏洞
CVE-2017-10963		Samsung Knox SDS IAM和EMM 安全漏洞
CVE-2015-6544		Combodo iTop 跨站脚本漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2016-6272

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2016-6272

I. Basic Information for CVE-2016-6272

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2016-6272

III. Intelligence Information for CVE-2016-6272

Same Patch Batch · n/a · 2018-02-20 · 27 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2016-6272

Leave a comment