| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-6528 | 4.3 |
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password storage (the /home/dna/spool/.pfile file).
|
03-10-2019 - 00:03 | 09-03-2017 - 19:59 | |
| CVE-2017-6526 | 10.0 |
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi POST requests).
|
03-10-2019 - 00:03 | 09-03-2017 - 19:59 | |
| CVE-2017-6527 | 5.0 |
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi se
|
16-08-2017 - 01:29 | 09-03-2017 - 19:59 | |
| CVE-2017-6529 | 6.8 |
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter.
|
16-08-2017 - 01:29 | 09-03-2017 - 19:59 |