4 matches found
Multiple Cross-Site Scripting Vulnerabilities in SonicDICOM PACS
SonicDICOM is a PACS software from JIUN Corporation that combines the functionality of DICOM with a web browser based on DICOM Viewer. SonicDICOM has multiple stored cross-site scripting vulnerabilities. The vulnerabilities stem from input passed to multiple API POST parameters failing to validat...
SonicDICOM PACS 2.3.2 - Cross-Site Request Forgery (Add Admin)
SonicDICOM PACS 2.3.2 - Cross-Site Request Forgery Add Admin SonicDICOM PACS 2.3.2 CSRF Add Admin Exploit Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the capabilities of DICOM Server wit...
SonicDICOM PACS 2.3.2 - Privilege Escalation
SonicDICOM PACS 2.3.2 - Privilege Escalation SonicDICOM PACS 2.3.2 Remote Vertical Privilege Escalation Exploit Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the capabilities of DICOM Serv...
SonicDICOM PACS 2.3.2 CSRF Add Admin Exploit
Summary SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewer. Description The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be...