CVE-2019-25678

CVE-2019-25678 affects C4G Basic Laboratory Information System 3.4 via SQL injection in the site parameter, exploitable through GET requests to users_select.php. The underlying issue allows unauthenticated attackers to execute arbitrary SQL commands and exfiltrate sensitive data such as patient r...

CVE-2019-25678 C4G BLIS 3.4 SQL Injection via users_select.php

C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the site parameter. Attackers can send GET requests to the usersselect.php endpoint with crafted S...

EUVD-2019-15218

Malware in sbrugna...

EUVD-2019-15192

Malware in sbrugna...

EUVD-2019-15219

Malware in sbrugna...

Fedora Update for blis FEDORA-2019-27e101fdc3

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-5644

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator...

CVE-2019-5617

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.4 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may change the password of any administrator-level user...

Improper access control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may enumerate the user names and facility names in use on a particular installation...

Improper access control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.4 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may change the password of any administrator-level user...

Improper access control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator...

CVE-2019-5644 C4G BLIS Improper Access Control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator...

CVE-2019-5643

CVE-2019-5643 affects Computing For Good’s Basic Laboratory Information System (C4G BLIS) up to version 3.5. The issue is CWE-284 (Improper Access Control). An unauthenticated user could enumerate usernames and facility names on a targeted installation. The Connected documents confirm the vulnera...

CVE-2019-5644

CVE-2019-5644 affects Computing For Good’s Basic Laboratory Information System (C4G BLIS) b3.5 and earlier. The issue is CWE-284 Improper Access Control, leading to an unauthenticated user potentially altering user accounts, including promoting a user to administrator. The vulnerability is rooted...

CVE-2019-5643 C4G BLIS Improper Access Control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may enumerate the user names and facility names in use on a particular installation...

CVE-2019-5617 C4G BLIS Improper Access Control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.4 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may change the password of any administrator-level user...

CVE-2019-5617

CVE-2019-5617 affects Computing For Good’s Basic Laboratory Information System (BLIS) v3.4 and earlier. The root cause is CWE-284, Improper Access Control, allowing an unauthenticated user to change the password of any administrator‑level user via a network attack. The CVSS‑3.1 vector (AV:N/AC:L/...

C4G BLIS Improper Access Control

Computing For Good’s Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, “Improper Access Control.” As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator...

Fedora 31 : blis (2019-27e101fdc3)

Don't call popen on ARM in case it's run with privileges. Also replace patch to use FMA with simd pragma. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as...

Fedora Update for blis FEDORA-2019-5fec758a3f

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...