7 matches found
CVE-2020-29164
CVE-2020-29164 concerns PacsOne Server (PACS Server In One Box)
CVE-2020-29165
Affected software: PacsOne Server (PACS Server In One Box). Vulnerable if running versions below 7.1.1. Root cause: incorrect access control leading to remote elevation of privileges to administrator. Impact: potential remote admin access if exploited. Public exploitation/attack specifics are not...
CVE-2020-29166
CVE-2020-29166 affects PacsOne Server (PACS Server In One Box) prior to version 7.1.1, with a file read/manipulation vulnerability that can lead to remote information disclosure. The connected data confirms the flaw and its impact but does not provide explicit remediation steps or confirmed explo...
CVE-2020-29163
PacsOne Server (PACS Server In One Box) versions below 7.1.1 are affected by a SQL injection vulnerability. The CVE entry for CVE-2020-29163 is corroborated across multiple sources (NVD, RH, CNVD, CVE listings). Exploitation details, impacted product versions beyond 7.1.1, and remediation steps a...
CVE-2020-12869
RainbowFish PacsOne Server 6.8.4 is affected by a Cross-Site Scripting (XSS) vulnerability (CVE-2020-12869). The connected sources confirm the vulnerable product version and the vulnerability class but do not provide concrete details about the root cause, specific vulnerable component, or a confi...
CVE-2020-12715
RainbowFish PacsOne Server 6.8.4 is affected by an Incorrect Access Control vulnerability (CVE-2020-12715). The connected sources identify the issue and reference the same product/version, with no further technical details on the root cause, exploit vectors, or a specified fix in the provided doc...
CVE-2020-12870
RainbowFish PacsOne Server 6.8.4 is affected by CVE-2020-12870 due to an SQL injection on the username parameter in the signup page. The issue is documented across multiple sources (NVD, Red Hat entry, CVE lists) with CVSS scores indicating high/critical impact (CVSS v2 base 7.5; CVSS v3.1 base 9...