PACS Premium
by MedDream
CVEs (34)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-54853 | 0.00 | — | 0.00 | Jan 20, 2026 | A reflected cross-site scripting (xss) vulnerability exists in the modifyUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||
| CVE-2025-57786 | 0.00 | — | 0.00 | Jan 20, 2026 | A reflected cross-site scripting (xss) vulnerability exists in the notifynewstudy functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this… | |||
| CVE-2025-44000 | 0.00 | — | 0.00 | Jan 20, 2026 | A reflected cross-site scripting (xss) vulnerability exists in the sendOruReport functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this… | |||
| CVE-2025-58095 | 0.00 | — | 0.00 | Jan 20, 2026 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these… | |||
| CVE-2025-58094 | 0.00 | — | 0.00 | Jan 20, 2026 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these… | |||
| CVE-2025-58093 | 0.00 | — | 0.00 | Jan 20, 2026 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these… | |||
| CVE-2025-58092 | 0.00 | — | 0.00 | Jan 20, 2026 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these… | |||
| CVE-2025-58091 | 0.00 | — | 0.00 | Jan 20, 2026 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these… | |||
| CVE-2025-58090 | 0.00 | — | 0.00 | Jan 20, 2026 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these… | |||
| CVE-2025-58089 | 0.00 | — | 0.00 | Jan 20, 2026 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these… | |||
| CVE-2025-58088 | 0.00 | — | 0.00 | Jan 20, 2026 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these… | |||
| CVE-2025-58087 | 0.00 | — | 0.00 | Jan 20, 2026 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these… | |||
| CVE-2025-36556 | 0.00 | — | 0.00 | Jan 20, 2026 | A reflected cross-site scripting (xss) vulnerability exists in the ldapUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||
| CVE-2025-53912 | 0.00 | — | 0.00 | Jan 20, 2026 | An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTP request can lead to an arbitrary file read. An attacker can send http request to trigger this vulnerability. |
- CVE-2025-54853Jan 20, 2026risk 0.00cvss —epss 0.00
A reflected cross-site scripting (xss) vulnerability exists in the modifyUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
- CVE-2025-57786Jan 20, 2026risk 0.00cvss —epss 0.00
A reflected cross-site scripting (xss) vulnerability exists in the notifynewstudy functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this…
- CVE-2025-44000Jan 20, 2026risk 0.00cvss —epss 0.00
A reflected cross-site scripting (xss) vulnerability exists in the sendOruReport functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this…
- CVE-2025-58095Jan 20, 2026risk 0.00cvss —epss 0.00
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these…
- CVE-2025-58094Jan 20, 2026risk 0.00cvss —epss 0.00
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these…
- CVE-2025-58093Jan 20, 2026risk 0.00cvss —epss 0.00
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these…
- CVE-2025-58092Jan 20, 2026risk 0.00cvss —epss 0.00
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these…
- CVE-2025-58091Jan 20, 2026risk 0.00cvss —epss 0.00
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these…
- CVE-2025-58090Jan 20, 2026risk 0.00cvss —epss 0.00
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these…
- CVE-2025-58089Jan 20, 2026risk 0.00cvss —epss 0.00
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these…
- CVE-2025-58088Jan 20, 2026risk 0.00cvss —epss 0.00
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these…
- CVE-2025-58087Jan 20, 2026risk 0.00cvss —epss 0.00
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these…
- CVE-2025-36556Jan 20, 2026risk 0.00cvss —epss 0.00
A reflected cross-site scripting (xss) vulnerability exists in the ldapUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
- CVE-2025-53912Jan 20, 2026risk 0.00cvss —epss 0.00
An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTP request can lead to an arbitrary file read. An attacker can send http request to trigger this vulnerability.
Page 2 of 2