173 matches found
Selesta Visual Access Manager SQL Injection Vulnerability (CNVD-2025-22654)
Selesta Visual Access Manager is a visual access manager from Selesta. A SQL injection vulnerability exists in Selesta Visual Access Manager. The vulnerability stems from the application's lack of validation of externally entered SQL statements and is exploited by an attacker to perform SQL...
Selesta Visual Access SQL Injection Vulnerability (CNVD-2025-22546)
Selesta Visual Access Manager is a visual access manager from Selesta. A SQL injection vulnerability exists in Selesta Visual Access Manager. An attacker can exploit this vulnerability to perform SQL injection in the GET parameter of /monitor/sterminal.php...
CVE-2023-42249
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via vam/vamvisits.php...
CVE-2023-42250
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via /common/autocomplete.php...
CVE-2023-42248
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can write arbitrary files by manipulating POST parameters of the page "common/vamSql.php"...
CVE-2023-42247
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via monitor/smonitormap.php...
CVE-2023-42248
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can write arbitrary files by manipulating POST parameters of the page "common/vamSql.php"...
CVE-2023-42249
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via vam/vamvisits.php...
CVE-2023-42246
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via /vam/vamep.php...
CVE-2023-42247
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via monitor/smonitormap.php...
CVE-2023-42250
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via /common/autocomplete.php...
CVE-2023-42246
Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via /vam/vamep.php...
CVE-2023-42244
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...
CVE-2023-42244
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...
CVE-2023-42238
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vameps.php...
CVE-2023-42241
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamanagraphic.php...
CVE-2023-42239
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamep.php...
CVE-2023-42240
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /monitor/sscheduledfile.php...
CVE-2023-42242
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in a GET parameter of /monitor/sterminal.php...
CVE-2023-42244
An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...