CVE-2025-58093

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

CVE-2025-58088

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

CVE-2025-58087

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

CVE-2025-58088

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

CVE-2025-58087

Talos reports multiple reflected XSS vulnerabilities in MedDream PACS Premium 7.3.6.870, affecting the config.php status parameter. The issue allows an attacker to craft a URL that injects arbitrary JavaScript, enabling arbitrary code execution in the browser. CVE-2025-58087 is among a set of XSS...

MedDream PACS Premium config.php multiple reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2271 MedDream PACS Premium config.php multiple reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-58089,CVE-2025-58093,CVE-2025-58090,CVE-2025-58091,CVE-2025-58088,CVE-2025-58087,CVE-2025-58094,CVE-2025-58095,CVE-2025-58092...

EUVD-2006-1910

Malware in sbrugna...

CVE-2024-1026 Cogites eReserv config.php cross site scripting

A vulnerability was found in Cogites eReserv 7.7.58 and classified as problematic. This issue affects some unknown processing of the file front/admin/config.php. The manipulation of the argument id with the input %22%3E%3Cscript%3Ealert%27XSS%27%3C/script%3E leads to cross site scripting. The...

Cogites eReserv Cross-Site Scripting Vulnerability

Cogites eReserv is an online reservation management software from Cogites. A cross-site scripting vulnerability exists in Cogites eReserv version 7.7.58, which stems from a cross-site scripting vulnerability in the /front/admin/config.php file...

CVE-2019-15075

An issue was discovered in iNextrix ASTPP before 4.0.1. webinterface/astpp/application/config/config.php does not have strong random keys, as demonstrated by use of the 8YSDaBtDHAB3EQkxPAyTz2I5DttzA9uR private key and the rfddEw232f encryption key...

RPW 1.0.2 (config.php sql_language) Remote File Inclusion Vulnerability

No description provided by source. | | \ | Dr Max Virus | / \ | | / / || \ / \ ------------------------------------------------------------------------------...

CVE-2006-1087

Direct static code injection vulnerability in the modifyconfig action in admin.php for PHP-Stats 0.1.9.1 and earlier allows remote authenticated administrators to execute arbitrary PHP code via the optionnewcompatibilitymode parameter, which is not filtered before being stored in config.php. NOTE...