Meddream

Pacs Server

39 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-58093

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 14:49:37
  • Zuletzt bearbeitet 29.01.2026 14:58:56

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafte...

6.1

CVE-2025-58092

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 14:49:37
  • Zuletzt bearbeitet 29.01.2026 14:58:36

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafte...

6.1

CVE-2025-58091

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 14:49:37
  • Zuletzt bearbeitet 29.01.2026 14:58:18

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafte...

6.1

CVE-2025-58090

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 14:49:37
  • Zuletzt bearbeitet 29.01.2026 15:18:22

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafte...

6.1

CVE-2025-58089

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 14:49:37
  • Zuletzt bearbeitet 29.01.2026 15:16:31

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafte...

6.1

CVE-2025-58088

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 14:49:37
  • Zuletzt bearbeitet 29.01.2026 15:16:22

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafte...

6.1

CVE-2025-58094

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 14:49:37
  • Zuletzt bearbeitet 29.01.2026 15:11:24

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafte...

6.1

CVE-2025-58087

Exploit
  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 14:49:36
  • Zuletzt bearbeitet 29.01.2026 15:16:14

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafte...

5.4

CVE-2025-36556

Exploit
  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 14:49:35
  • Zuletzt bearbeitet 29.01.2026 15:23:11

A reflected cross-site scripting (xss) vulnerability exists in the ldapUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to ...

8.1

CVE-2025-53912

Exploit
  • EPSS 0.2%
  • Veröffentlicht 20.01.2026 14:49:33
  • Zuletzt bearbeitet 29.01.2026 15:26:24

An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTP request can lead to an arbitrary file read. An attacker can send http request to trigger this vulnerability.