Submit #347403: Labvantage LIMS 2017 SQL Injectioninfo

TitleLabvantage LIMS 2017 SQL Injection
DescriptionIssue Overview: * Vendor: Labvantage * Product: Labvantage LIMS * Endpoint: /labvantage/rc?command=page&page=SampleList&_iframename=list * Vulnerable Parameter: param1 * Type of Vulnerability: SQL Injection Description of the Vulnerability During penetration testing, an SQL injection vulnerability was discovered in the param1 parameter of the POST request to the specified endpoint. This vulnerability allows an attacker to manipulate the SQL query by injecting arbitrary SQL code.
Source⚠️ https://gentle-khaan-c53.notion.site/Labvantage-LIMS-3bb2137a29944e7e9efc906f23b42a4a
User
 Farouk (UID 69824)
Submission05/30/2024 21:24 (2 years ago)
Moderation06/08/2024 09:38 (9 days later)
StatusAccepted
VulDB entry267454 [LabVantage LIMS 2017 POST Request rc?command=page&page=SampleList&_iframename=list param1 sql injection]
Points17

Do you want to use VulDB in your project?

Use the official API to access entries easily!