Lucene search
K

4 matches found

CNVD
CNVD
added 2026/01/26 12:0 a.m.5 views

MedDream PACS Premium Cross-Site Scripting Vulnerability (CNVD-2026-11738)

MedDream PACS Premium is an enterprise-class image storage and management server suite from MedDream. MedDream PACS Premium suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input by the autoPurge feature. An attacker could exploit the...

6.1CVSS6.1AI score0.00235EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/01/20 2:50 p.m.2 views

CVE-2025-54817

A reflected cross-site scripting xss vulnerability exists in the autoPurge functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a URL to a malicious website to trigger this vulnerability...

6.1CVSS5.5AI score0.00235EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/01/20 2:50 p.m.21 views

CVE-2025-54817

CVE-2025-54817 — MedDream PACS Premium 7.3.6.870 is affected by a reflected XSS vulnerability in the autoPurge functionality. TALOS details a post-authentication vulnerability in Pacs/autoPurge.php where the value of the purgeby parameter is written to HTML output without sanitization, enabling a...

6.1CVSS5.6AI score0.00235EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.6 views

PT-2026-3602

A reflected cross-site scripting xss vulnerability exists in the autoPurge functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a URL to a malicious website to trigger this vulnerability...

6.1CVSS5.6AI score0.00235EPSS
Exploits1References2
Rows per page
Query Builder