CVE-2023-42241

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vam_anagraphic.php. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt