Lucene search
+L
RainbowfishsoftwarePacsone Server

7 matches found

CVE
CVE
added 2021/02/03 12:27 p.m.63 views

CVE-2020-29164

CVE-2020-29164 concerns PacsOne Server (PACS Server In One Box)

6.1CVSS6AI score0.05355EPSS
CVE
CVE
added 2021/02/03 12:27 p.m.50 views

CVE-2020-29165

Affected software: PacsOne Server (PACS Server In One Box). Vulnerable if running versions below 7.1.1. Root cause: incorrect access control leading to remote elevation of privileges to administrator. Impact: potential remote admin access if exploited. Public exploitation/attack specifics are not...

9.8CVSS9.4AI score0.01718EPSS
CVE
CVE
added 2021/02/03 12:27 p.m.46 views

CVE-2020-29166

CVE-2020-29166 affects PacsOne Server (PACS Server In One Box) prior to version 7.1.1, with a file read/manipulation vulnerability that can lead to remote information disclosure. The connected data confirms the flaw and its impact but does not provide explicit remediation steps or confirmed explo...

7.5CVSS7.2AI score0.02308EPSS
CVE
CVE
added 2021/02/03 12:26 p.m.44 views

CVE-2020-29163

PacsOne Server (PACS Server In One Box) versions below 7.1.1 are affected by a SQL injection vulnerability. The CVE entry for CVE-2020-29163 is corroborated across multiple sources (NVD, RH, CNVD, CVE listings). Exploitation details, impacted product versions beyond 7.1.1, and remediation steps a...

8.8CVSS9.1AI score0.01137EPSS
CVE
CVE
added 2020/09/30 8:54 p.m.42 views

CVE-2020-12869

RainbowFish PacsOne Server 6.8.4 is affected by a Cross-Site Scripting (XSS) vulnerability (CVE-2020-12869). The connected sources confirm the vulnerable product version and the vulnerability class but do not provide concrete details about the root cause, specific vulnerable component, or a confi...

5.4CVSS5.5AI score0.00551EPSS
CVE
CVE
added 2020/09/30 8:44 p.m.40 views

CVE-2020-12715

RainbowFish PacsOne Server 6.8.4 is affected by an Incorrect Access Control vulnerability (CVE-2020-12715). The connected sources identify the issue and reference the same product/version, with no further technical details on the root cause, exploit vectors, or a specified fix in the provided doc...

8.8CVSS8.6AI score0.01207EPSS
CVE
CVE
added 2020/09/30 8:40 p.m.36 views

CVE-2020-12870

RainbowFish PacsOne Server 6.8.4 is affected by CVE-2020-12870 due to an SQL injection on the username parameter in the signup page. The issue is documented across multiple sources (NVD, Red Hat entry, CVE lists) with CVSS scores indicating high/critical impact (CVSS v2 base 7.5; CVSS v3.1 base 9...

9.8CVSS9.8AI score0.01609EPSS