Vulnerability Details CVE-2023-42243
In Selesta Visual Access Manager < 4.42.2, an authenticated user can access the administrative page /common/vam_Sql.php, which allows for arbitrary SQL queries.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.5%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2023-42243
-
cpe:2.3:a:seling:visual_access_manager:4.15.0
-
cpe:2.3:a:seling:visual_access_manager:4.29.0