I stumbled on an interesting site today Project Un1c0rn. What this project does is scan the entire internet, search for vulnerabilities, and then post them in a nice searchable database. It is funded through donations and unlocking more info from their database.

I searched for openmrs and found 3 hosts with a weak mysql password that contain an openmrs database. That means that these hosts have mysql exposed to the internet and have a weak password. If anyone owns these hosts, please secure them! Let this be a reminder to everyone else to secure your systems as well.

Geo-IP shows that one of these is in Philippines and I’ve sent an email to point out to our friends in Philippines, since not many people will look at OpenMRS Talk. The other ones from Mumbai and Beijing, don’t think are listed OpenMRS implementations.