4 matches found
CVE-2026-25860 OpenClinic GA 5.351.19 Reflected XSS via DICOM Image Upload Handler
OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embedding malicious payloads in DICOM file metadata fields. Attackers can craft a DICOM file with...
CVE-2023-40280
An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp...
media.lifeway.com XSS vulnerability
Vulnerable URL: http://media.lifeway.com/wmedia/lifeway/popup.asp?page=syscheck.asp=420=640=1"...
suap.comune.pv.it XSS vulnerability
Vulnerable URL: http://suap.comune.pv.it/popUp.asp?gSoftware=IstatComuni=G388IncludePage=popupcentro.asp=1"...