Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sysaid sysaid on-premises vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-47246
In SysAid On-Premise prior to 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
Sysaid Sysaid On-premises
2 Github repositories
1 Article
7.2
CVSSv3
CVE-2023-32225
Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method.
Sysaid Sysaid On-premises
6.5
CVSSv3
CVE-2023-32226
Sysaid - CWE-552: Files or Directories Accessible to External Parties - Authenticated users may exfiltrate files from the server via an unspecified method.
Sysaid Sysaid On-premises
6.1
CVSSv3
CVE-2020-13168
SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter.
Sysaid Sysaid On-premises 5.0
Sysaid Sysaid On-premises 5.5.06
Sysaid Sysaid On-premises 5.6
Sysaid Sysaid On-premises 6.0.9
Sysaid Sysaid On-premises 6.5
Sysaid Sysaid On-premises 7.0
Sysaid Sysaid On-premises 7.5
Sysaid Sysaid On-premises 8.0
Sysaid Sysaid On-premises 8.1
Sysaid Sysaid On-premises 8.5
Sysaid Sysaid On-premises 9.0.10
Sysaid Sysaid On-premises 9.0.30
Sysaid Sysaid On-premises 9.0.40
Sysaid Sysaid On-premises 9.0.52
Sysaid Sysaid On-premises 9.0.53
Sysaid Sysaid On-premises 9.1.0
Sysaid Sysaid On-premises 14.1
Sysaid Sysaid On-premises 14.2
Sysaid Sysaid On-premises 14.3
Sysaid Sysaid On-premises 14.4.00
Sysaid Sysaid On-premises 14.4.1
Sysaid Sysaid On-premises 14.4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
Vulmon