CVE-2019-19994

An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. It allows blind Command Injection. An attacker without authentication is able to execute arbitrary operating system command by injecting the vulnerable parameter in the PHP Web page /common/vam_monitor_sap.php.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:seling:visual_access_manager:*:*:*:*:*:*:*:*

Information

Published : 2020-02-26 08:15

Updated : 2020-02-27 05:32


NVD link : CVE-2019-19994

Mitre link : CVE-2019-19994


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

seling

  • visual_access_manager