exploitDog

GHSA-2wr2-hrm6-j658

Опубликовано: 14 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can write arbitrary files by manipulating POST parameters of the page "common/vam_Sql.php".

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can write arbitrary files by manipulating POST parameters of the page "common/vam_Sql.php".

Ссылки

EPSS

Процентиль: 38%

0.00164

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2023-42248

CVSS3: 6.5

nvd

около 1 года назад

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can write arbitrary files by manipulating POST parameters of the page "common/vam_Sql.php".

EPSS

Процентиль: 38%

0.00164

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-434