cbcvebase.

Meddream Pacs Premium vulnerabilities

33 known vulnerabilities affecting meddream/meddream_pacs_premium.

Total CVEs
33
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2MEDIUM29

Vulnerabilities

Page 2 of 2
CVE-2025-54157P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-54157 [MEDIUM] CWE-79 CVE-2025-54157: A reflected cross-site scripting (xss) vulnerability exists in the encapsulatedDoc functionality of A reflected cross-site scripting (xss) vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
nvd
CVE-2025-53854P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-53854 [MEDIUM] CWE-79 CVE-2025-53854: A reflected cross-site scripting (xss) vulnerability exists in the modifyHL7Route functionality of M A reflected cross-site scripting (xss) vulnerability exists in the modifyHL7Route functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
nvd
CVE-2025-46270P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-46270 [MEDIUM] CWE-79 CVE-2025-46270: A reflected cross-site scripting (xss) vulnerability exists in the fetchPriorStudies functionality o A reflected cross-site scripting (xss) vulnerability exists in the fetchPriorStudies functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
nvd
CVE-2025-54495P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-54495 [MEDIUM] CWE-79 CVE-2025-54495: A reflected cross-site scripting (xss) vulnerability exists in the emailfailedjob functionality of M A reflected cross-site scripting (xss) vulnerability exists in the emailfailedjob functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
nvd
CVE-2025-58087P4MEDIUMCVSS 6.1v7.3.6.8702026-01-20
CVE-2025-58087 [MEDIUM] CWE-79 CVE-2025-58087: Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This vulnerability affects the status parameter.
nvd
CVE-2025-58080P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-58080 [MEDIUM] CWE-79 CVE-2025-58080: A reflected cross-site scripting (xss) vulnerability exists in the modifyHL7App functionality of Med A reflected cross-site scripting (xss) vulnerability exists in the modifyHL7App functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
nvd
CVE-2025-54853P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-54853 [MEDIUM] CWE-79 CVE-2025-54853: A reflected cross-site scripting (xss) vulnerability exists in the modifyUser functionality of MedDr A reflected cross-site scripting (xss) vulnerability exists in the modifyUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
nvd
CVE-2025-57786P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-57786 [MEDIUM] CWE-79 CVE-2025-57786: A reflected cross-site scripting (xss) vulnerability exists in the notifynewstudy functionality of M A reflected cross-site scripting (xss) vulnerability exists in the notifynewstudy functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
nvd
CVE-2025-54861P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-54861 [MEDIUM] CWE-79 CVE-2025-54861: A reflected cross-site scripting (xss) vulnerability exists in the modifyCoercion functionality of M A reflected cross-site scripting (xss) vulnerability exists in the modifyCoercion functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
nvd
CVE-2025-54778P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-54778 [MEDIUM] CWE-79 CVE-2025-54778: A reflected cross-site scripting (xss) vulnerability exists in the existingUser functionality of Med A reflected cross-site scripting (xss) vulnerability exists in the existingUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
nvd
CVE-2025-57881P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-57881 [MEDIUM] CWE-79 CVE-2025-57881: A reflected cross-site scripting (xss) vulnerability exists in the modifyEmail functionality of MedD A reflected cross-site scripting (xss) vulnerability exists in the modifyEmail functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
nvd
CVE-2025-54814P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-54814 [MEDIUM] CWE-79 CVE-2025-54814: A reflected cross-site scripting (xss) vulnerability exists in the modifyAutopurgeFilter functionali A reflected cross-site scripting (xss) vulnerability exists in the modifyAutopurgeFilter functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.
nvd
CVE-2025-54817P4MEDIUMCVSS 5.4v7.3.6.8702026-01-20
CVE-2025-54817 [MEDIUM] CWE-79 CVE-2025-54817: A reflected cross-site scripting (xss) vulnerability exists in the autoPurge functionality of MedDre A reflected cross-site scripting (xss) vulnerability exists in the autoPurge functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a URL to a malicious website to trigger this vulnerability.
nvd
Meddream Pacs Premium vulnerabilities | cvebase