Pacsone Server
Monthly
RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username parameter in the signup page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
RainbowFish PacsOne Server 6.8.4 allows XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username parameter in the signup page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
RainbowFish PacsOne Server 6.8.4 allows XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.