Lucene search
K

173 matches found

Cvelist
Cvelist
added 2025/01/13 12:0 a.m.10 views

CVE-2023-42241

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamanagraphic.php...

0.00232EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 12:0 a.m.9 views

CVE-2023-42249

Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via vam/vamvisits.php...

5.9AI score0.00224EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/13 12:0 a.m.5 views

PT-2025-1463 · Selesta · Selesta Visual Access Manager

Name of the Vulnerable Software and Affected Versions: Selesta Visual Access Manager VAM versions prior to 4.42.2 Description: An issue was discovered in Selesta Visual Access Manager VAM where an authenticated attacker can perform SQL Injection in multiple GET parameters of "/vam/vam i...

3.8CVSS7.9AI score0.00232EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/13 12:0 a.m.7 views

CVE-2023-42247

Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via monitor/smonitormap.php...

5.9AI score0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 12:0 a.m.11 views

CVE-2023-42235

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple parameters of /monitor/snormalizedtrans.php...

4.9AI score0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 12:0 a.m.10 views

CVE-2023-42245

Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via monitor/sscheduledfile.php...

5.9AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/13 12:0 a.m.5 views

Selesta Visual Access Manager 安全漏洞

Selesta Visual Access Manager is a visual access manager from Selesta. A SQL injection vulnerability exists in Selesta Visual Access Manager, which can be exploited by an attacker to perform SQL injection in the POST parameter of /vam/vameps.php...

3.8CVSS7.9AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/13 12:0 a.m.3 views

Selesta Visual Access Manager 安全漏洞

Selesta Visual Access Manager is a visual access manager from Selesta. Selesta Visual Access Manager suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in /common/vamSql.php. An attacker can exploit this vulnerability to perform...

5.4CVSS8AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/13 12:0 a.m.4 views

Selesta Visual Access Manager 安全漏洞

Selesta Visual Access Manager is a visual access manager from Selesta. Selesta Visual Access Manager suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements, which can be exploited by an attacker to perform SQL injection...

8.8CVSS8AI score0.00371EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 12:0 a.m.16 views

CVE-2023-42244

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...

0.00371EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 12:0 a.m.15 views

CVE-2023-42242

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in a GET parameter of /monitor/sterminal.php...

0.00309EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 12:0 a.m.10 views

CVE-2023-42243

In Selesta Visual Access Manager 4.42.2, an authenticated user can access the administrative page /common/vamSql.php, which allows for arbitrary SQL queries...

0.00231EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 12:0 a.m.28 views

CVE-2023-42250

Selesta Visual Access Manager 4.42.2 is vulnerable to Cross Site Scripting XSS via /common/autocomplete.php...

0.00224EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 12:0 a.m.14 views

CVE-2023-42238

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vameps.php...

0.00309EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 12:0 a.m.20 views

CVE-2023-42236

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in a GET parameter of /common/ajaxfunction.php...

0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 12:0 a.m.9 views

CVE-2023-42240

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /monitor/sscheduledfile.php...

4.9AI score0.00232EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 12:0 a.m.13 views

CVE-2023-42235

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple parameters of /monitor/snormalizedtrans.php...

0.00309EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/13 12:0 a.m.28 views

CVE-2023-42248

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can write arbitrary files by manipulating POST parameters of the page "common/vamSql.php"...

0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/13 12:0 a.m.13 views

CVE-2023-42238

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vameps.php...

4.9AI score0.00309EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/13 12:0 a.m.11 views

PT-2025-1474 · Selesta · Selesta Visual Access Manager

Name of the Vulnerable Software and Affected Versions: Selesta Visual Access Manager VAM versions prior to 4.42.2 Description: An issue was discovered in Selesta Visual Access Manager VAM where an authenticated attacker can write arbitrary files by manipulating POST parameters of the page...

6.5CVSS6.8AI score0.00344EPSS
Exploits0References5
Rows per page
Query Builder