Lucene search
K

20 matches found

Vulnrichment
Vulnrichment
added 2026/04/05 8:45 p.m.1 views

CVE-2019-25678 C4G BLIS 3.4 SQL Injection via users_select.php

C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the site parameter. Attackers can send GET requests to the usersselect.php endpoint with crafted S...

8.8CVSS6.2AI score0.00272EPSS
Exploits1References2
CVE
CVE
added 2026/04/05 8:45 p.m.8 views

CVE-2019-25678

CVE-2019-25678 affects C4G Basic Laboratory Information System 3.4 via SQL injection in the site parameter, exploitable through GET requests to users_select.php. The underlying issue allows unauthenticated attackers to execute arbitrary SQL commands and exfiltrate sensitive data such as patient r...

8.8CVSS6.2AI score0.00272EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-15218

Malware in sbrugna...

10CVSS7.3AI score0.0132EPSS
Exploits3References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-15192

Malware in sbrugna...

10CVSS7.3AI score0.0132EPSS
Exploits3References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-15219

Malware in sbrugna...

10CVSS7.3AI score0.0132EPSS
Exploits3References2
NVD
NVD
added 2019/11/06 7:15 p.m.23 views

CVE-2019-5617

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.4 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may change the password of any administrator-level user...

10CVSS9.7AI score0.0132EPSS
Exploits1References1
NVD
NVD
added 2019/11/06 7:15 p.m.19 views

CVE-2019-5644

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator...

10CVSS9.6AI score0.0132EPSS
Exploits2References1
Prion
Prion
added 2019/11/06 7:15 p.m.15 views

Improper access control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.4 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may change the password of any administrator-level user...

7.5CVSS9.5AI score0.0132EPSS
Exploits3References1Affected Software1
Prion
Prion
added 2019/11/06 7:15 p.m.16 views

Improper access control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator...

7.5CVSS9.4AI score0.0132EPSS
Exploits3References1Affected Software1
Prion
Prion
added 2019/11/06 7:15 p.m.14 views

Improper access control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may enumerate the user names and facility names in use on a particular installation...

5CVSS5.2AI score0.0132EPSS
Exploits3References1Affected Software1
CVE
CVE
added 2019/11/06 6:30 p.m.63 views

CVE-2019-5644

CVE-2019-5644 affects Computing For Good’s Basic Laboratory Information System (C4G BLIS) b3.5 and earlier. The issue is CWE-284 Improper Access Control, leading to an unauthenticated user potentially altering user accounts, including promoting a user to administrator. The vulnerability is rooted...

10CVSS9.6AI score0.0132EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2019/11/06 6:30 p.m.73 views

CVE-2019-5643

CVE-2019-5643 affects Computing For Good’s Basic Laboratory Information System (C4G BLIS) up to version 3.5. The issue is CWE-284 (Improper Access Control). An unauthenticated user could enumerate usernames and facility names on a targeted installation. The Connected documents confirm the vulnera...

5.3CVSS5.7AI score0.0132EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2019/11/06 6:30 p.m.25 views

CVE-2019-5643 C4G BLIS Improper Access Control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may enumerate the user names and facility names in use on a particular installation...

5.3CVSS5.3AI score0.0132EPSS
Exploits2References1
Cvelist
Cvelist
added 2019/11/06 6:30 p.m.27 views

CVE-2019-5644 C4G BLIS Improper Access Control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator...

10CVSS9.5AI score0.0132EPSS
Exploits2References1
Cvelist
Cvelist
added 2019/11/06 6:30 p.m.28 views

CVE-2019-5617 C4G BLIS Improper Access Control

Computing For Good's Basic Laboratory Information System also known as C4G BLIS version 3.4 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may change the password of any administrator-level user...

10CVSS9.7AI score0.0132EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2019/11/06 12:0 a.m.38 views

C4G BLIS Improper Access Control

Computing For Good’s Basic Laboratory Information System also known as C4G BLIS version 3.5 and earlier suffers from an instance of CWE-284, “Improper Access Control.” As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator...

10CVSS1.2AI score0.0132EPSS
Exploits3References2
0day.today
0day.today
added 2019/02/21 12:0 a.m.52 views

C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: C4G Basic Laboratory Information System BLIS 3.4 - Multiples SQL Injection Software Links/Project: https://github.com/C4G/BLIS | http://blis.cc.gatech.edu/index.php Version: C4G Basic Laboratory Information System v3.4 Exploit...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/02/21 12:0 a.m.36 views

C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection

C4G Basic Laboratory Information System BLIS 3.4 - SQL Injection Exploit Title: C4G Basic Laboratory Information System BLIS 3.4 - Multiples SQL Injection Date: 01/31/2019 Software Links/Project: https://github.com/C4G/BLIS | http://blis.cc.gatech.edu/index.php Version: C4G Basic Laboratory...

8.6AI score
Exploits0
Packet Storm
Packet Storm
added 2019/02/21 12:0 a.m.64 views

C4G Basic Laboratory Information System (BLIS) 3.4 SQL Injection

Exploit Title: C4G Basic Laboratory Information System BLIS 3.4 - Multiples SQL Injection Date: 01/31/2019 Software Links/Project: https://github.com/C4G/BLIS | http://blis.cc.gatech.edu/index.php Version: C4G Basic Laboratory Information System v3.4 Exploit Author: Carlos Avila Category: webapps...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/21 12:0 a.m.116 views

C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection

Exploit Title: C4G Basic Laboratory Information System BLIS 3.4 - Multiples SQL Injection Date: 01/31/2019 Software Links/Project: https://github.com/C4G/BLIS | http://blis.cc.gatech.edu/index.php Version: C4G Basic Laboratory Information System v3.4 Exploit Author: Carlos Avila Category: webapps...

7.4AI score
Exploits0
Rows per page
Query Builder