CVE-2023-42239

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vam_ep.php. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt