8.8
CVE-2023-24217
- EPSS 4.54%
- Veröffentlicht 06.03.2023 22:15:09
- Zuletzt bearbeitet 06.03.2025 22:15:34
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginAgileBio Electronic Lab Notebook v4.234 was discovered to contain a local file inclusion vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Agilebio ≫ Electronic Lab Notebook Version4.234
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.54% | 0.903 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.
http://packetstormsecurity.com/files/171252/Agilebio-Lab-Collector-4.234-Remote-Code-Execution.html
https://labcollector.com/labcollector-lims/add-ons/eln-electronic-lab-notebook/