Shodan
Vulnerabilities
Vulnerable Software
Seling:  >> Visual Access Manager  >> 4.29.0  Security Vulnerabilities
CVE-2023-42246
Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via /vam/vam_ep.php.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-01-13
CVE-2023-42247
Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via monitor/s_monitor_map.php.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-01-13
CVE-2023-42248
An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can write arbitrary files by manipulating POST parameters of the page "common/vam_Sql.php".
CVSS Score
6.5
EPSS Score
0.001
Published
2025-01-13
CVE-2023-42249
Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via vam/vam_visits.php.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-01-13
CVE-2023-42250
Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via /common/autocomplete.php.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-01-13
CVE-2023-42238
An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vam_eps.php.
CVSS Score
3.8
EPSS Score
0.0
Published
2025-01-13
CVE-2023-42239
An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vam_ep.php.
CVSS Score
3.8
EPSS Score
0.0
Published
2025-01-13
CVE-2023-42240
An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /monitor/s_scheduledfile.php.
CVSS Score
3.8
EPSS Score
0.0
Published
2025-01-13
CVE-2023-42241
An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vam_anagraphic.php.
CVSS Score
3.8
EPSS Score
0.0
Published
2025-01-13
CVE-2023-42242
An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in a GET parameter of /monitor/s_terminal.php.
CVSS Score
3.8
EPSS Score
0.0
Published
2025-01-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved