Meddream

Pacs Server

39 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2020-37009

Exploit
  • EPSS 0.26%
  • Veröffentlicht 29.01.2026 14:28:30
  • Zuletzt bearbeitet 29.01.2026 17:16:11

MedDream PACS Server 6.8.3.751 contains an authenticated remote code execution vulnerability that allows authorized users to upload malicious PHP files. Attackers can exploit the uploadImage.php endpoint by authenticating and uploading a PHP shell to...

5.4

CVE-2025-54817

Exploit
  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 14:50:10
  • Zuletzt bearbeitet 29.01.2026 15:21:14

A reflected cross-site scripting (xss) vulnerability exists in the autoPurge functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a URL to a malic...

6.1

CVE-2025-53516

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 14:50:09
  • Zuletzt bearbeitet 29.01.2026 15:23:39

A reflected cross-site scripting (xss) vulnerability exists in the downloadZip functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted URL ...

5.4

CVE-2025-54495

Exploit
  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 14:50:07
  • Zuletzt bearbeitet 29.01.2026 15:27:04

A reflected cross-site scripting (xss) vulnerability exists in the emailfailedjob functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted U...

5.4

CVE-2025-54157

Exploit
  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 14:50:06
  • Zuletzt bearbeitet 29.01.2026 15:26:33

A reflected cross-site scripting (xss) vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted ...

5.4

CVE-2025-54778

Exploit
  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 14:50:04
  • Zuletzt bearbeitet 29.01.2026 15:20:54

A reflected cross-site scripting (xss) vulnerability exists in the existingUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL...

5.4

CVE-2025-46270

Exploit
  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 14:50:02
  • Zuletzt bearbeitet 29.01.2026 15:23:32

A reflected cross-site scripting (xss) vulnerability exists in the fetchPriorStudies functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafte...

6.1

CVE-2025-55071

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 14:50:00
  • Zuletzt bearbeitet 29.01.2026 15:19:18

A reflected cross-site scripting (xss) vulnerability exists in the modifyAnonymize functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted ...

6.1

CVE-2025-54852

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 14:49:58
  • Zuletzt bearbeitet 29.01.2026 15:21:24

A reflected cross-site scripting (xss) vulnerability exists in the modifyAeTitle functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted UR...

5.4

CVE-2025-54814

Exploit
  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 14:49:56
  • Zuletzt bearbeitet 29.01.2026 15:21:04

A reflected cross-site scripting (xss) vulnerability exists in the modifyAutopurgeFilter functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a cr...