CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

ATTACKERKB•added 2025/01/13 10:15 p.m.•0 views

CVE-2023-42250

Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via /common/autocomplete.php...

6.1CVSS5.8AI score0.00322EPSS

Exploits0References2

NVD•added 2025/01/13 10:15 p.m.•6 views

CVE-2023-42246

Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via /vam/vamep.php...

6.1CVSS0.00246EPSS

Exploits0References1

NVD•added 2025/01/13 10:15 p.m.•6 views

CVE-2023-42244

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...

8.8CVSS0.00174EPSS

Exploits0References1

ATTACKERKB•added 2025/01/13 10:15 p.m.•2 views

CVE-2023-42245

Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via monitor/sscheduledfile.php...

6.1CVSS5.8AI score0.00246EPSS

Exploits0References2

OSV•added 2025/01/13 10:15 p.m.•0 views

CVE-2023-42237

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple GET parameters of /vam/vamicommand.php...

3.8CVSS5.8AI score

Exploits0References1

NVD•added 2025/01/13 10:15 p.m.•12 views

CVE-2023-42236

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in a GET parameter of /common/ajaxfunction.php...

3.8CVSS0.00181EPSS

Exploits0References1

CVE•added 2025/01/13 12:0 a.m.•37 views

CVE-2023-42246

CVE-2023-42246 concerns Selesta Visual Access Manager versions before 4.42.2. The vulnerability is a Cross-Site Scripting (XSS) flaw exploitable via the /vam/vam_ep.php endpoint. Impact details are limited to XSS with no exploit conditions provided; CVSS v3.1 base score 6.1 (MEDIUM). Affected/fix...

6.1CVSS6AI score0.00246EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/01/13 12:0 a.m.•8 views

CVE-2023-42241

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamanagraphic.php...

0.00177EPSS

Exploits0References1

CVE•added 2025/01/13 12:0 a.m.•27 views

CVE-2023-42235

CVE-2023-42235 concerns Selesta Visual Access Manager (VAM) prior to 4.42.2. The issue is an authenticated SQL injection vulnerability in multiple parameters of the /monitor/s_normalizedtrans.php endpoint. Affected software: Selesta Visual Access Manager (VAM); vulnerable component: the /monitor/...

3.8CVSS7.9AI score0.00186EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/01/13 12:0 a.m.•1 views

PT-2025-1468 · Selesta · Selesta Visual Access Manager

Name of the Vulnerable Software and Affected Versions: Selesta Visual Access Manager VAM versions prior to 4.42.2 Description: An issue was discovered in Selesta Visual Access Manager VAM where an authenticated attacker can perform SQL Injection in a GET parameter of "/monitor/s terminal.php"...

3.8CVSS7.8AI score0.00126EPSS

Exploits0References4

Positive Technologies•added 2025/01/13 12:0 a.m.•1 views

PT-2025-1473 · Selesta · Selesta Visual Access Manager

Name of the Vulnerable Software and Affected Versions: Selesta Visual Access Manager versions prior to 4.42.2 Description: The issue is related to Cross Site Scripting XSS via the "monitor/s monitor map.php" endpoint. This allows for potential malicious script execution. No information is provide...

6.1CVSS6AI score0.00246EPSS

Exploits0References5

Positive Technologies•added 2025/01/13 12:0 a.m.•3 views

PT-2025-1461 · Selesta · Selesta Visual Access Manager

3.8CVSS7.9AI score0.00186EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by