Lucene search
K

9 matches found

CVE
CVE
added 2026/05/25 2:15 p.m.21 views

CVE-2018-25374

CVE-2018-25374 affects Softneta MedDream PACS Server Premium 6.7.1.1. A directory-traversal vulnerability allows unauthenticated attackers to read arbitrary files by manipulating the path parameter, using requests to nocache.php with encoded backslash sequences. This can expose sensitive files in...

8.7CVSS5.9AI score0.00785EPSS
Exploits0References3
CVE
CVE
added 2026/05/25 2:15 p.m.20 views

CVE-2018-25372

CVE-2018-25372 : MedDream PACS Server Premium 6.7.1.1 contains an unauthenticated SQL injection in the email parameter of the userSignup.php endpoint. Crafting POST requests with SQL payloads can extract sensitive information from the backend MySQL database. The description explicitly states the ...

8.8CVSS6.1AI score0.00305EPSS
Exploits0References2
OSV
OSV
added 2026/01/20 3:17 p.m.4 views

CVE-2025-58080

A reflected cross-site scripting xss vulnerability exists in the modifyHL7App functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

5.4CVSS5.9AI score0.00235EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/01/20 2:50 p.m.5 views

CVE-2025-54495

A reflected cross-site scripting xss vulnerability exists in the emailfailedjob functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS5.5AI score0.00286EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/20 2:49 p.m.2 views

CVE-2025-53707

A reflected cross-site scripting xss vulnerability exists in the modifyTranscript functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS5.6AI score0.00317EPSS
Exploits1References1
CVE
CVE
added 2026/01/20 2:49 p.m.11 views

CVE-2025-57786

CVE-2025-57786 is a post-authenticated, reflected XSS in MedDream PACS Premium 7.3.6.870, specifically in the Pacs/notifynewstudy.php script where the value of the user parameter is written into HTML output without sanitization. Talos details confirm the vulnerability can trigger arbitrary JavaSc...

6.1CVSS5.6AI score0.00235EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/20 2:49 p.m.5 views

CVE-2025-58089

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

6.1CVSS5.6AI score0.00229EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.7 views

MedDream PACS Premium security vulnerability

MedDream PACS Premium is an enterprise-level image storage and management server suite developed by MedDream Corporation. Version 7.3.6.870 of MedDream PACS Premium contains a security vulnerability. This vulnerability stems from a reflective cross-site scripting vulnerability in the modifyHL7Rou...

6.1CVSS5.9AI score0.00286EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.7 views

MedDream PACS Premium 安全漏洞

MedDream PACS Premium is an enterprise-class image storage and management server suite from MedDream. MedDream PACS Premium suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input by the autoPurge feature. An attacker could exploit the...

6.1CVSS5.9AI score0.00235EPSS
Exploits1References1
Rows per page
Query Builder