Vulnerabilidades en MedDream
40 resultadosCVE-2025-24485MEDIUMA server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HTEPSS 5.0%CVE-2025-3484CRITICALMedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution VulnerabilityEPSS 0.8%CVE-2025-32731MEDIUMA reflected cross-site scripting (xss) vulnerability exists in the radiationDoseReport.php functionality of meddream MedDream PACS Premium 7EPSS 0.7%CVE-2025-3481CRITICALMedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution VulnerabilityEPSS 0.5%CVE-2025-3482CRITICALMedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution VulnerabilityEPSS 0.5%CVE-2025-3483CRITICALMedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution VulnerabilityEPSS 0.5%CVE-2025-27724CRITICALA privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted EPSS 0.5%CVE-2025-26469CRITICALAn incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3EPSS 0.5%CVE-2020-37009HIGHMedDream PACS Server 6.8.3.751 - Remote Code ExecutionEPSS 0.5%CVE-2025-53912CRITICALAn arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTEPSS 0.4%CVE-2025-53516MEDIUMA reflected cross-site scripting (xss) vulnerability exists in the downloadZip functionality of MedDream PACS Premium 7.3.6.870. A speciallyEPSS 0.3%CVE-2025-53707MEDIUMA reflected cross-site scripting (xss) vulnerability exists in the modifyTranscript functionality of MedDream PACS Premium 7.3.6.870. A specEPSS 0.3%CVE-2025-44000MEDIUMA reflected cross-site scripting (xss) vulnerability exists in the sendOruReport functionality of MedDream PACS Premium 7.3.6.870. A specialEPSS 0.3%CVE-2018-25372HIGHMedDream PACS Server Premium 6.7.1.1 SQL Injection via emailEPSS 0.3%CVE-2025-54157MEDIUMA reflected cross-site scripting (xss) vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A speciEPSS 0.3%CVE-2025-36556MEDIUMA reflected cross-site scripting (xss) vulnerability exists in the ldapUser functionality of MedDream PACS Premium 7.3.6.870. A specially crEPSS 0.3%CVE-2025-54495MEDIUMA reflected cross-site scripting (xss) vulnerability exists in the emailfailedjob functionality of MedDream PACS Premium 7.3.6.870. A speciaEPSS 0.3%CVE-2025-46270MEDIUMA reflected cross-site scripting (xss) vulnerability exists in the fetchPriorStudies functionality of MedDream PACS Premium 7.3.6.870. A speEPSS 0.3%CVE-2025-53854MEDIUMA reflected cross-site scripting (xss) vulnerability exists in the modifyHL7Route functionality of MedDream PACS Premium 7.3.6.870. A speciaEPSS 0.3%CVE-2025-55071MEDIUMA reflected cross-site scripting (xss) vulnerability exists in the modifyAnonymize functionality of MedDream PACS Premium 7.3.6.870. A speciEPSS 0.3%