Lucene search

Pacsone Server Security Vulnerabilities

cve

CVE-2020-12715

RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control.

8.8CVSS

8.6AI Score

0.001EPSS

2020-09-30 09:15 PM

cve

CVE-2020-12869

RainbowFish PacsOne Server 6.8.4 allows XSS.

5.4CVSS

5.5AI Score

0.001EPSS

2020-09-30 09:15 PM

cve

CVE-2020-12870

RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username parameter in the signup page.

9.8CVSS

9.8AI Score

0.002EPSS

2020-09-30 09:15 PM

cve

CVE-2020-29163

PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by SQL injection.

8.8CVSS

9.1AI Score

0.001EPSS

2021-02-03 01:15 PM

cve

CVE-2020-29164

PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by cross-site scripting (XSS).

6.1CVSS

6AI Score

0.002EPSS

2021-02-03 01:15 PM

cve

CVE-2020-29165

PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by incorrect access control, which can result in remotely gaining administrator privileges.

9.8CVSS

9.4AI Score

0.006EPSS

2021-02-03 01:15 PM

cve

CVE-2020-29166

PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by file read/manipulation, which can result in remote information disclosure.

7.5CVSS

7.2AI Score

0.011EPSS

2021-02-03 01:15 PM