158 matches found
CVE-2023-50811
An issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the “computer” POST parameter related to the ID of a specific reception by POST HTTP request interception. Iterating that parameter, it has been possible to access to the application and take control of many...
EUVD-2019-9582
Malware in sbrugna...
EUVD-2019-9579
Malware in sbrugna...
EUVD-2019-9578
Malware in sbrugna...
EUVD-2019-9574
Malware in sbrugna...
EUVD-2019-9580
Malware in sbrugna...
EUVD-2019-9576
Malware in sbrugna...
EUVD-2019-9577
Malware in sbrugna...
EUVD-2019-9575
Malware in sbrugna...
EUVD-2019-9581
Malware in sbrugna...
CVE-2023-42244
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...
CVE-2023-42239
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamep.php...
CVE-2023-42235
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple parameters of /monitor/snormalizedtrans.php...
CVE-2023-42246
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via /vam/vamep.php...
CVE-2023-42248
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can write arbitrary files by manipulating POST parameters of the page "common/vamSql.php"...
CVE-2023-42247
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via monitor/smonitormap.php...
CVE-2023-42243
In Selesta Visual Access Manager 4.42.2, an authenticated user can access the administrative page /common/vamSql.php, which allows for arbitrary SQL queries...
CVE-2023-42250
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via /common/autocomplete.php...
CVE-2023-42240
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /monitor/sscheduledfile.php...
CVE-2023-42245
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via monitor/sscheduledfile.php...