Dnalims

dnalims

Vendor: Dnatools • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-6529 1Dnatools 1Dnalims May 13, 2026 Mar 9, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter.
CVE-2017-6528 1Dnatools 1Dnalims May 13, 2026 Mar 9, 2017 N/A· v4 8.1 HIGH· v3 4.3 MEDIUM· v2 An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password storage (the /home/dna/spool/.pfile file).
CVE-2017-6527 1Dnatools 1Dnalims May 13, 2026 Mar 9, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by...Show more An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter).Show less
CVE-2017-6526 1Dnatools 1Dnalims May 13, 2026 Mar 9, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi POST requests).