Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2023-24217

šŸ—“ļøĀ 06 Mar 2023Ā 00:00:00Reported byĀ mitreTypeĀ 
cve
Ā cvešŸ”—Ā web.nvd.nist.govšŸ‘Ā 66Ā ViewsšŸŒ WEB

AgileBio Lab Notebook v4.234 local file incl. vulnerabilit

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today		Agilebio Lab Collector 4.234 Remote Code Execution Exploit
6 Mar 202300:00
ā€“zdt
Circl		CVE-2023-24217
7 Mar 202300:13
ā€“circl
CNNVD		AgileBio Electronic Lab Notebook 安å…Øę¼ę“ž
6 Mar 202300:00
ā€“cnnvd
Cvelist		CVE-2023-24217
6 Mar 202300:00
ā€“cvelist
Exploit DB		Agilebio Lab Collector Electronic Lab Notebook v4.234 - Remote Code Execution (RCE)
6 Apr 202300:00
ā€“exploitdb
EUVD		EUVD-2023-28276
3 Oct 202520:07
ā€“euvd
NVD		CVE-2023-24217
6 Mar 202322:15
ā€“nvd
OSV		CVE-2023-24217
6 Mar 202322:15
ā€“osv
Packet Storm		Agilebio Lab Collector 4.234 Remote Code Execution
6 Mar 202300:00
ā€“packetstorm
Prion		Arbitrary file deletion
6 Mar 202322:15
ā€“prion
Rows per page
NVD
Node
agilebioelectronic_lab_notebookMatch4.234
ParameterPositionPathDescriptionCWE
paramquery paramextra_modules/eln/index.phpAuthenticated remote command execution via ELN: payload injected into profile field triggers PHP code execution through a crafted request to the extra_modules/eln/index.php?page=...&action=edit&id=1&{param}=<cmd>CWE-98
pagequery paramextra_modules/eln/index.phpAuthenticated remote command execution via ELN: payload injected into profile field triggers PHP code execution through a crafted request to the extra_modules/eln/index.php?page=...&action=edit&id=1&{param}=<cmd>CWE-98
actionquery paramextra_modules/eln/index.phpAuthenticated remote command execution via ELN: payload injected into profile field triggers PHP code execution through a crafted request to the extra_modules/eln/index.php?page=...&action=edit&id=1&{param}=<cmd>CWE-98
idquery paramextra_modules/eln/index.phpAuthenticated remote command execution via ELN: payload injected into profile field triggers PHP code execution through a crafted request to the extra_modules/eln/index.php?page=...&action=edit&id=1&{param}=<cmd>CWE-98

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
06 Mar 2025 22:15Current
8.5High risk
Vulners AI Score8.5
CVSS 3.18.8
EPSS0.04938
SSVC
CWE-98
agilebiolab notebookv4.234local file inclusionvulnerability
66