Filtered by vendor Meddream
Subscribe
Total
38 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-54495 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the emailfailedjob functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-54157 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-53912 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 9.6 CRITICAL |
| An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTP request can lead to an arbitrary file read. An attacker can send http request to trigger this vulnerability. | |||||
| CVE-2025-53854 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyHL7Route functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-53707 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyTranscript functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-53516 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the downloadZip functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-46270 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the fetchPriorStudies functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-44000 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the sendOruReport functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-36556 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the ldapUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-54861 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyCoercion functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-54853 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-54852 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyAeTitle functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-54817 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the autoPurge functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a URL to a malicious website to trigger this vulnerability. | |||||
| CVE-2025-54814 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyAutopurgeFilter functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-54778 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the existingUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-58080 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyHL7App functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-57881 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyEmail functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-57787 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyRoute functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-57786 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the notifynewstudy functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-55071 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyAnonymize functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||