CVE-2024-5771 | LabVantage LIMS 2017 POST Request rc param1 sql injection

A vulnerability classified as critical was found in LabVantage LIMS 2017. This vulnerability affects unknown code of the file /labvantage/rc?command=page&page=SampleList&_iframename=list of the component POST Request Handler. The manipulation of the argument param1 leads to sql injection.

This vulnerability was named CVE-2024-5771. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-5771 | LabVantage LIMS 2017 POST Request rc param1 sql injection

Related Posts

CVE-2023-41954 | ProfilePress Plugin up to 4.13.1 on WordPress privileges management

CVE-2023-52131 | WP Zinc Page Generator Plugin up to 1.7.1 on WordPress sql injection

CVE-2024-6912 | PerkinElmer ProcessPlus up to 1.11.6507.0 on Windows MySQL hard-coded credentials

CVE-2023-48720 | Project Worlds Student Result Management System 1.0 login.php password sql injection