Vulnerabilities > Rainbowfishsoftware > Pacsone Server > 6.4.5

DATE CVE VULNERABILITY TITLE RISK
2021-02-03 CVE-2020-29166 Path Traversal vulnerability in Rainbowfishsoftware Pacsone Server
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by file read/manipulation, which can result in remote information disclosure.
network
low complexity
rainbowfishsoftware CWE-22
7.5
7.5
2021-02-03 CVE-2020-29165 Missing Authentication for Critical Function vulnerability in Rainbowfishsoftware Pacsone Server
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by incorrect access control, which can result in remotely gaining administrator privileges.
network
low complexity
rainbowfishsoftware CWE-306
critical
 9.8
9.8
2021-02-03 CVE-2020-29164 Cross-site Scripting vulnerability in Rainbowfishsoftware Pacsone Server
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by cross-site scripting (XSS).
network
low complexity
rainbowfishsoftware CWE-79
6.1
6.1
2021-02-03 CVE-2020-29163 SQL Injection vulnerability in Rainbowfishsoftware Pacsone Server
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by SQL injection.
network
low complexity
rainbowfishsoftware CWE-89
8.8
8.8