Lucene search
K

733 matches found

Nuclei
Nuclei
added 8 hours ago43 views

Sante PACS Server.exe - Path Traversal Information Disclosure

A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed. id: CVE-2025-2264 info: name: Sante PACS Server.exe - Path Traversal...

7.5CVSS7.2AI score0.38656EPSS
Exploits2References1
NVD
NVD
added 2026/07/01 4:16 p.m.8 views

CVE-2026-58126

PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can...

9.8CVSS0.00963EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/07/01 2:39 p.m.34 views

CVE-2026-58126 PACSgear PACS Scan 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service

PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can...

9.8CVSS0.00963EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:39 p.m.9 views

CVE-2026-58126

PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can...

9.8CVSS6.5AI score0.00963EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/07/01 2:39 p.m.19 views

CVE-2026-58126

PACSgear PACS Scan 5.2.1 is affected by an unauthenticated remote code execution through an exposed .NET Remoting TCP service (port 22222). The vulnerability chain starts with PGImageExchQueue.exe allowing arbitrary file read/write via the service, which can be leveraged with DLL hijacking in PGI...

9.8CVSS6.5AI score0.00963EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.9 views

PT-2026-54908

Name of the Vulnerable Software and Affected Versions PACSgear PACS Scan version 5.2.1 Description An unauthenticated remote code execution issue exists due to an exposed .NET Remoting TCP service on port 22222 used by PGImageExchQueue.exe. The flaw stems from insecure remoting endpoints and...

9.8CVSS6.5AI score0.00963EPSS
Exploits1References6
NVD
NVD
added 2026/05/25 3:16 p.m.21 views

CVE-2018-25372

MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email parameter. Attackers can submit crafted POST requests to the userSignup.php endpoint with SQL payloads ...

8.8CVSS0.00305EPSS
Exploits0References2
NVD
NVD
added 2026/05/25 3:16 p.m.14 views

CVE-2018-25374

Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and acce...

8.7CVSS0.00785EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/25 2:15 p.m.15 views

EUVD-2018-21897

Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and acce...

8.7CVSS5.9AI score0.00785EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/25 2:15 p.m.8 views

CVE-2018-25374 Softneta MedDream PACS Server Premium 6.7.1.1 Directory Traversal

Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and acce...

8.7CVSS5.9AI score0.00785EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/25 2:15 p.m.13 views

CVE-2018-25372 MedDream PACS Server Premium 6.7.1.1 SQL Injection via email

MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email parameter. Attackers can submit crafted POST requests to the userSignup.php endpoint with SQL payloads ...

8.8CVSS6.1AI score0.00305EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/25 2:15 p.m.15 views

EUVD-2018-21895

MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email parameter. Attackers can submit crafted POST requests to the userSignup.php endpoint with SQL payloads ...

8.8CVSS6.1AI score0.00305EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.19 views

PT-2026-43224

MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email parameter. Attackers can submit crafted POST requests to the userSignup.php endpoint with SQL payloads ...

8.8CVSS6.1AI score0.00305EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.12 views

Softneta MedDream PACS Server Premium SQL注入漏洞

Softneta MedDream PACS Server Premium is a medical image storage and reading platform from Softneta. A SQL injection vulnerability exists in Softneta MedDream PACS Server Premium version 6.7.1.1, which originates from malicious code injection via email parameters and could lead to execution of...

8.8CVSS6.2AI score0.00305EPSS
Exploits0References2
NVD
NVD
added 2026/04/29 8:16 p.m.5 views

CVE-2018-25298

Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login credentials to hija...

6.9CVSS0.00138EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/29 7:24 p.m.4 views

CVE-2018-25298 Merge PACS 7.0 Cross-Site Request Forgery via merge-viewer

Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login credentials to hija...

6.9CVSS5.2AI score0.00138EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/29 7:24 p.m.39 views

CVE-2018-25298 Merge PACS 7.0 Cross-Site Request Forgery via merge-viewer

Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login credentials to hija...

6.9CVSS0.00138EPSS
Exploits0References3
CVE
CVE
added 2026/04/29 7:24 p.m.11 views

CVE-2018-25298

CVE-2018-25298 affects Merge PACS 7.0. It is a cross-site request forgery (CSRF) that enables attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Specifically, POST requests to /servlet/actions/merge-viewer/summary can hijack user sessio...

6.9CVSS5.2AI score0.00138EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.13 views

Merative Merge PACS 跨站请求伪造漏洞

Merative Merge PACS is a medical imaging archiving and communication system developed by the American company Merative. Version 7.0 of Merative Merge PACS contains a cross-site request forgeing vulnerability. This vulnerability stems from cross-site request forgery, allowing attackers to execute...

6.9CVSS5.8AI score0.00138EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/02 11:9 a.m.4 views

CVE-2025-10350

SQL Injection vulnerability in "imageserver" module when processing C-FIND queries in CGM NETRAAD software allows attacker connected to PACS gaining access to database, including data processed by GCM CLININET software.This issue affects CGM NETRAAD with imageserver module in versions before 7.9....

8.8CVSS6AI score0.00186EPSS
Exploits0References3
Rows per page
Query Builder