Computing For Good's Basic Laboratory Information System Security Vulnerabilities and Issues — Computing For Good's Basic Laboratory Information System CVE List

GatechComputing For Good's Basic Laboratory Information System

4 matches found

CVE•added 2019/11/06 6:30 p.m.•82 views

CVE-2019-5617

CVE-2019-5617 affects Computing For Good’s Basic Laboratory Information System (BLIS) v3.4 and earlier. The root cause is CWE-284, Improper Access Control, allowing an unauthenticated user to change the password of any administrator‑level user via a network attack. The CVSS‑3.1 vector (AV:N/AC:L/...

10CVSS9.7AI score0.0132EPSS

CVE•added 2019/11/06 6:30 p.m.•69 views

CVE-2019-5643

CVE-2019-5643 affects Computing For Good’s Basic Laboratory Information System (C4G BLIS) up to version 3.5. The issue is CWE-284 (Improper Access Control). An unauthenticated user could enumerate usernames and facility names on a targeted installation. The Connected documents confirm the vulnera...

5.3CVSS5.7AI score0.00902EPSS

CVE•added 2019/11/06 6:30 p.m.•62 views

CVE-2019-5644

CVE-2019-5644 affects Computing For Good’s Basic Laboratory Information System (C4G BLIS) b3.5 and earlier. The issue is CWE-284 Improper Access Control, leading to an unauthenticated user potentially altering user accounts, including promoting a user to administrator. The vulnerability is rooted...

10CVSS9.6AI score0.0132EPSS

CVE•added 2026/04/05 8:45 p.m.•4 views

CVE-2019-25678

CVE-2019-25678 affects C4G Basic Laboratory Information System 3.4 via SQL injection in the site parameter, exploitable through GET requests to users_select.php. The underlying issue allows unauthenticated attackers to execute arbitrary SQL commands and exfiltrate sensitive data such as patient r...

8.8CVSS6.2AI score0.00272EPSS