CVE-2023-42243 Information

Description

In Selesta Visual Access Manager < 4.42.2 an authenticated user can access the administrative page /common/vam_Sql.php which allows for arbitrary SQL queries.

Reference

https://gitlab.com/daniele_m/cve-list/-/blob/main/README.md