CVE-2023-42241

LOW

3.8

Beschreibung

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vam_anagraphic.php.

CVE Details

CVSS v3.1 Bewertung3.8

SchweregradLOW

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienHIGH

BenutzerinteraktionNONE

Veroffentlicht1/13/2025

Zuletzt geandert4/17/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

seling:visual_access_manager

Schwachen (CWE)

CWE-89

Referenzen

https://gitlab.com/daniele_m/cve-list/-/blob/main/README.md(cve@mitre.org)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.