OpenEMR New.php Command Injection (CVE-2019-3968)

A command injection vulnerability exists in OpenEMR New.php. Successful exploitation of this vulnerability could result in arbitrary command execution on the affected system.

You can read the full article here.