Vulnerabilities > Rainbowfishsoftware > Pacsone Server > 6.1.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-03 | CVE-2020-29166 | Server-Side Request Forgery (SSRF) vulnerability in Rainbowfishsoftware Pacsone Server PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by file read/manipulation, which can result in remote information disclosure. | 5.0 |
| 2021-02-03 | CVE-2020-29165 | Incorrect Authorization vulnerability in Rainbowfishsoftware Pacsone Server PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by incorrect access control, which can result in remotely gaining administrator privileges. | 7.5 |
| 2021-02-03 | CVE-2020-29164 | Cross-site Scripting vulnerability in Rainbowfishsoftware Pacsone Server PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by cross-site scripting (XSS). | 4.3 |
| 2021-02-03 | CVE-2020-29163 | SQL Injection vulnerability in Rainbowfishsoftware Pacsone Server PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by SQL injection. | 6.5 |