Vulnerabilities
Vulnerable Software
Dnatools:  >> Dnalims  Security Vulnerabilities
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi POST requests).
CVSS Score
9.8
EPSS Score
0.574
Published
2017-03-09
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter).
CVSS Score
7.5
EPSS Score
0.566
Published
2017-03-09
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password storage (the /home/dna/spool/.pfile file).
CVSS Score
8.1
EPSS Score
0.034
Published
2017-03-09
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter.
CVSS Score
8.8
EPSS Score
0.029
Published
2017-03-09


Contact Us

Shodan ® - All rights reserved