6 matches found
CVE-2026-8297
Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc. GisLab Laboratory Management System allows SQL Injection. This issue affects GisLab Laboratory Management System: fr...
CVE-2026-11763 IDOR in GIS Informatics' GisLab Laboratory Management System
Authorization bypass through User-Controlled key vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc. GisLab Laboratory Management System allows Exploitation of Trusted Identifiers. This issue affects GisLab Laboratory Management System: from 1.4.03...
CVE-2026-11763 IDOR in GIS Informatics' GisLab Laboratory Management System
Authorization bypass through User-Controlled key vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc. GisLab Laboratory Management System allows Exploitation of Trusted Identifiers. This issue affects GisLab Laboratory Management System: from 1.4.03...
CVE-2026-8297
CVE-2026-8297 describes an SQL injection in GisLab Laboratory Management System by Gis Informatics Engineering Consulting (Gis Informatics). Affected versions: 1.4.03 through 08072026. The issue is a generic SQL injection vulnerability with network attack vector, no user interaction, and no privi...
PT-2026-60795
Authorization bypass through User-Controlled key vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc. GisLab Laboratory Management System allows Exploitation of Trusted Identifiers. This issue affects GisLab Laboratory Management System: from 1.4.03...
PT-2026-60808
Name of the Vulnerable Software and Affected Versions GisLab Laboratory Management System versions 1.4.03 through 08072026 Description An unauthenticated SQL injection exists in the web application backend due to improper neutralization of special elements used in SQL commands. This occurs when...