CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

EUVD•added 2025/10/07 12:30 a.m.•7 views

EUVD-2017-15584

Malware in sbrugna...

8.1CVSS8.1AI score0.03438EPSS

Exploits6References6

Packet Storm•added 2024/09/01 12:0 a.m.•178 views

DnaLIMS Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DnaLIMS Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in dnaLIMS. Due to the way the...

7.5CVSS7.4AI score0.56647EPSS

Exploits10

Check Point Advisories•added 2019/07/07 12:0 a.m.•1 views

dnaTools dnaLIMS DNA Sequencer Command Injection (CVE-2017-6526)

...

10CVSS2.5AI score0.574EPSS

Exploits9

BDU FSTEC•added 2017/12/14 12:0 a.m.•5 views

The vulnerability of the administrative web interface of the software dnaTools dnaLIMS allows a perpetrator to execute arbitrary commands.

The vulnerability of the administrative web interface of the software dnaTools dnaLIM is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using specially crafted POST requests sent to the address...

10CVSS5.9AI score0.574EPSS

Exploits9References5Affected Software1

seebug.org•added 2017/04/10 12:0 a.m.•41 views

dnaLIMS Code Execution / XSS / Traversal / Session Hijacking （CVE-2017-6526）

dnaLIMS Code Execution / XSS / Traversal / Session Hijacking web-application Advisory URL: https://www.shorebreaksecurity.com/blog/product-security-advisory-psa0002-dnalims/ Date published: Mar 08, 2017 Vendor: dnaTools, Inc. CVE IDs: 2017-6526, 2017-6527, 2017-6528, 2017-6529 USCERT VU: 929263...

10CVSS8.6AI score0.574EPSS

Exploits16

Packet Storm•added 2017/04/08 12:0 a.m.•41 views

dnaTools dnaLIMS 4-2015s13 Directory Traversal Nmap NSE Script

local http = require "http" local shortport = require "shortport" local stdnse = require "stdnse" local string = require "string" local vulns = require "vulns" local nmap = require "nmap" description = dnaLIMS is prone to the Directory Traversal attack. The viewAppletFsa.cgi seqID parameter is...

5CVSS0.56647EPSS

Exploits10

0day.today•added 2017/04/02 12:0 a.m.•73 views

dnaLIMS Admin Module Command Execution Exploit

Usage Info msf use exploit/linux/http/dnalimsadminexec msf exploitdnalimsadminexec show targets ...targets... msf exploitdnalimsadminexec set TARGET msf exploitdnalimsadminexec show options ...show and set options... msf exploitdnalimsadminexec exploit This module requires Metasploit:...

10CVSS9.2AI score0.574EPSS

Exploits9

0day.today•added 2017/04/02 12:0 a.m.•49 views

dnaLIMS Directory Traversal Exploit

This module exploits a directory traversal vulnerability found in dnaLIMS. Due to the way the viewAppletFsa.cgi script handles the 'secID' parameter, it is possible to read a file outside the www directory. Usage Info msf use auxiliary/scanner/http/dnalimsfileretrieve msf...

5CVSS8.1AI score0.56647EPSS

Exploits10

OpenVAS•added 2017/03/13 12:0 a.m.•7 views

dnaLIMS Detection

The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

7AI score

Exploits0

exploitpack•added 2017/03/10 12:0 a.m.•33 views

dnaLIMS DNA Sequencing - Directory Traversal Session Hijacking Cross-Site Scripting

dnaLIMS DNA Sequencing - Directory Traversal Session Hijacking Cross-Site Scripting Title: Multiple vulnerabilities discovered in dnaLIMS DNA sequencing web-application Advisory URL: https://www.shorebreaksecurity.com/blog/product-security-advisory-psa0002-dnalims/ Date published: Mar 08, 2017...

10CVSS0.3AI score0.574EPSS

Exploits16

0day.today•added 2017/03/10 12:0 a.m.•58 views

dnaLIMS Code Execution / XSS / Traversal / Session Hijacking Vulnerabilities

dnaLIMS DNA sequencing application suffers from an improperly protected web shell, a directory traversal, insecure password storage, session hijacking, cross site scripting, and improperly protected content vulnerabilities. Title: Multiple vulnerabilities discovered in dnaLIMS DNA sequencing...

10CVSS8.3AI score0.574EPSS

Exploits16

Prion•added 2017/03/09 7:59 p.m.•9 views

Command injection

An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell cgi-bin/dna/sysAdmin.cgi POST requests...

10CVSS9.6AI score0.574EPSS

Exploits9References3Affected Software1

OSV•added 2017/03/09 7:59 p.m.•3 views

CVE-2017-6526

9.8CVSS5.9AI score0.574EPSS

Exploits9References3

OSV•added 2017/03/09 7:59 p.m.•1 views

CVE-2017-6529

An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter...

8.8CVSS5.8AI score0.02902EPSS

Exploits6References3

Prion•added 2017/03/09 7:59 p.m.•12 views

Session fixation

An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter...

6.8CVSS8.8AI score0.02902EPSS

Exploits6References3Affected Software1

Prion•added 2017/03/09 7:59 p.m.•19 views

Design/Logic Flaw

An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password storage the /home/dna/spool/.pfile file...

4.3CVSS8.5AI score0.03438EPSS

Exploits6References3Affected Software1

Prion•added 2017/03/09 7:59 p.m.•12 views

Directory traversal

An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user by using the viewAppletFsa.cgi seqID parameter...

5CVSS7.8AI score0.56647EPSS

Exploits10References3Affected Software1