exploitDog

GHSA-g64r-mjhp-4487

Опубликовано: 14 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

In Selesta Visual Access Manager < 4.42.2, an authenticated user can access the administrative page /common/vam_Sql.php, which allows for arbitrary SQL queries.

In Selesta Visual Access Manager < 4.42.2, an authenticated user can access the administrative page /common/vam_Sql.php, which allows for arbitrary SQL queries.

Ссылки

EPSS

Процентиль: 27%

0.00095

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2023-42243

CVSS3: 5.4

nvd

около 1 года назад

In Selesta Visual Access Manager < 4.42.2, an authenticated user can access the administrative page /common/vam_Sql.php, which allows for arbitrary SQL queries.

EPSS

Процентиль: 27%

0.00095

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-89