Agilebio CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2019-25438	2 Agilebio, Labcollector	2 Labcollector, Labcollector	2026-02-26	8.2 High
LabCollector 5.423 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through POST parameters. Attackers can submit crafted SQL payloads in the login parameter of login.php or the user_name parameter of retrieve_password.php to extract sensitive database information without authentication.
CVE-2023-24217	1 Agilebio	1 Electronic Lab Notebook	2025-03-06	8.8 High
AgileBio Electronic Lab Notebook v4.234 was discovered to contain a local file inclusion vulnerability.
CVE-2023-33253	1 Agilebio	1 Labcollector	2025-01-03	8.8 High
LabCollector 6.0 though 6.15 allows remote code execution. An authenticated remote low-privileged user can upload an executable PHP file and execute system commands. The vulnerability is in the message function, and is due to insufficient validation of the file (such as shell.jpg.php.shell) being sent.

Page 1 of 1.