CVE-2023-24217

EPSS 1.53%
Published 06.03.2023 22:15:09
Last modified 06.03.2025 22:15:34
Source cve@mitre.org
Teams watchlist Login
Open Login

AgileBio Electronic Lab Notebook v4.234 was discovered to contain a local file inclusion vulnerability.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Agilebio ≫ Electronic Lab Notebook Version4.234

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.53%	0.802

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

http://packetstormsecurity.com/files/171252/Agilebio-Lab-Collector-4.234-Remote-Code-Execution.html

Third Party Advisory

VDB Entry

https://labcollector.com/labcollector-lims/add-ons/eln-electronic-lab-notebook/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-24217

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-24217

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-24217

EUVD