Vulnerabilities > Rainbowfishsoftware > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-03 | CVE-2020-29165 | Missing Authentication for Critical Function vulnerability in Rainbowfishsoftware Pacsone Server PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by incorrect access control, which can result in remotely gaining administrator privileges. | 9.8 |
| 2020-09-30 | CVE-2020-12870 | SQL Injection vulnerability in Rainbowfishsoftware Pacsone Server 6.8.4 RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username parameter in the signup page. | 9.8 |