An issue exists in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated malicious user to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dnatools dnalims 4-2015s13 |