CVE-2023-42240

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /monitor/s_scheduledfile.php. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt