158 matches found
CVE-2023-42242
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in a GET parameter of /monitor/sterminal.php...
CVE-2023-42244
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...
CVE-2023-42244
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...
CVE-2023-42235
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple parameters of /monitor/snormalizedtrans.php...
CVE-2023-42235
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple parameters of /monitor/snormalizedtrans.php...
CVE-2023-42236
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in a GET parameter of /common/ajaxfunction.php...
CVE-2023-42237
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple GET parameters of /vam/vamicommand.php...
CVE-2023-42242
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in a GET parameter of /monitor/sterminal.php...
CVE-2023-42244
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...
CVE-2023-42241
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamanagraphic.php...
CVE-2023-42246
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via /vam/vamep.php...
CVE-2023-42245
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via monitor/sscheduledfile.php...
CVE-2023-42250
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via /common/autocomplete.php...
CVE-2023-42238
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vameps.php...
CVE-2023-42235
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple parameters of /monitor/snormalizedtrans.php...
CVE-2023-42237
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple GET parameters of /vam/vamicommand.php...
CVE-2023-42239
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamep.php...
CVE-2023-42240
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /monitor/sscheduledfile.php...
CVE-2023-42248
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can write arbitrary files by manipulating POST parameters of the page "common/vamSql.php"...
CVE-2023-42247
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via monitor/smonitormap.php...