RSS   Vulnerabilities for 'Pacsone server'   RSS

2021-02-03
 
CVE-2020-29166

CWE-918
 

 
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by file read/manipulation, which can result in remote information disclosure.

 
 
CVE-2020-29165

CWE-863
 

 
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by incorrect access control, which can result in remotely gaining administrator privileges.

 
 
CVE-2020-29164

CWE-79
 

 
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by cross-site scripting (XSS).

 
 
CVE-2020-29163

CWE-89
 

 
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by SQL injection.

 
2020-09-30
 
CVE-2020-12870

CWE-89
 

 
RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username parameter in the signup page.

 
 
CVE-2020-12869

CWE-79
 

 
RainbowFish PacsOne Server 6.8.4 allows XSS.

 
 
CVE-2020-12715

CWE-434
 

 
RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control.

 


Copyright 2024, cxsecurity.com

 

Back to Top