CVE-2023-42244

High CVSS: 8.8

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vam_visits.php.

Vendor

Seling

Product

Visual Access Manager

CWE

CWE-89

Yayın Tarihi

2025-01-13 22:15:12

Güncelleme

2025-04-17 16:34:45

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-89 Visual Access Manager HIGH Seling 2025

Referanslar

https://gitlab.com/daniele_m/cve-list/-/blob/main/README.md

Benzer Kayıtlar

Medium

CVE-2023-42246

Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via /vam/vam_ep.php.

Medium

CVE-2023-42247

Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via monitor/s_monitor_map.php.

Medium

CVE-2023-42248

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can write arbi…

Medium

CVE-2023-42249

Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via vam/vam_visits.php.

Medium

CVE-2023-42250

Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via /common/autocomplete.php.

Low

CVE-2023-42238

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQ…