10 matches found
CVE-2018-25298
Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login credentials to hija...
CVE-2018-25298 Merge PACS 7.0 Cross-Site Request Forgery via merge-viewer
Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login credentials to hija...
CVE-2018-25298
CVE-2018-25298 affects Merge PACS 7.0. It is a cross-site request forgery (CSRF) that enables attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Specifically, POST requests to /servlet/actions/merge-viewer/summary can hijack user sessio...
CVE-2018-25298 Merge PACS 7.0 Cross-Site Request Forgery via merge-viewer
Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login credentials to hija...
Merative Merge PACS 跨站请求伪造漏洞
Merative Merge PACS is a medical imaging archiving and communication system developed by the American company Merative. Version 7.0 of Merative Merge PACS contains a cross-site request forgeing vulnerability. This vulnerability stems from cross-site request forgery, allowing attackers to execute...
Merge PACS Cross-Site Request Forgery Vulnerability
Merge PACS is a reading workflow platform that streamlines physicians' reading activities and centrally manages learning. A cross-site request forgery vulnerability exists in Merge PACS 7.0. An attacker could exploit this vulnerability to launch arbitrary requests...
Merge PACS 7.0 - Cross-Site Request Forgery Vulnerability
Exploit for linux platform in category web applications Exploit Title: Merge PACS 7.0 - Cross-Site Request Forgery Exploit Author: Safak Aslan Vendor Homepage: http://www.merge.com/ Version: Merge PACS 7.0 Tested on: Windows CVE: - 1. Proof of Concept history.pushState'', '', '/' Post Data: POST...
Merge PACS 7.0 - Cross-Site Request Forgery
Merge PACS 7.0 - Cross-Site Request Forgery Exploit Title: Merge PACS 7.0 - Cross-Site Request Forgery Google Dork: - Date: 2018-05-21 Exploit Author: Safak Aslan Vendor Homepage: http://www.merge.com/ Version: Merge PACS 7.0 Tested on: Windows CVE: - 1. Proof of Concept history.pushState'', '',...
Merge PACS 7.0 Cross Site Request Forgery
Exploit Title: Merge PACS 7.0 - Cross-Site Request Forgery Google Dork: - Date: 2018-05-21 Exploit Author: Safak Aslan Vendor Homepage: http://www.merge.com/ Version: Merge PACS 7.0 Tested on: Windows CVE: - 1. Proof of Concept history.pushState'', '', '/' Post Data: POST...
Merge PACS 7.0 - Cross-Site Request Forgery
Exploit Title: Merge PACS 7.0 - Cross-Site Request Forgery Google Dork: - Date: 2018-05-21 Exploit Author: Safak Aslan Vendor Homepage: http://www.merge.com/ Version: Merge PACS 7.0 Tested on: Windows CVE: - 1. Proof of Concept history.pushState'', '', '/' Post Data: POST...