Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sysaid sysaid vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-30486
SysAid 20.3.64 b14 is affected by Blind and Stacker SQL injection via AssetManagementChart.jsp (GET computerID), AssetManagementChart.jsp (POST group1), AssetManagementList.jsp (GET computerID or group1), or AssetManagementSummary.jsp (GET group1).
Sysaid Sysaid 20.3.64
7.2
CVSSv3
CVE-2023-32225
Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method.
Sysaid Sysaid On-premises
6.5
CVSSv3
CVE-2023-33706
SysAid prior to 23.2.15 allows Indirect Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp.
Sysaid Sysaid
6.5
CVSSv3
CVE-2023-32226
Sysaid - CWE-552: Files or Directories Accessible to External Parties - Authenticated users may exfiltrate files from the server via an unspecified method.
Sysaid Sysaid On-premises
6.5
CVSSv3
CVE-2021-43972
An unrestricted file copy vulnerability in /UserSelfServiceSettings.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated malicious user to copy arbitrary files on the server filesystem to the web root (with an arbitrary filename) via the tempFile and fileName parameters i...
Sysaid Sysaid 20.4.74
6.1
CVSSv3
CVE-2022-40323
SysAid Help Desk prior to 22.1.65 allows XSS in the Password Services module, aka FR# 67241.
Sysaid Help Desk
6.1
CVSSv3
CVE-2022-40325
SysAid Help Desk prior to 22.1.65 allows XSS via the Asset Dashboard, aka FR# 67262.
Sysaid Help Desk
6.1
CVSSv3
CVE-2022-40322
SysAid Help Desk prior to 22.1.65 allows XSS, aka FR# 66542 and 65579.
Sysaid Help Desk
6.1
CVSSv3
CVE-2022-40324
SysAid Help Desk prior to 22.1.65 allows XSS via the Linked SRs field, aka FR# 67258.
Sysaid Help Desk
6.1
CVSSv3
CVE-2022-22797
Sysaid – sysaid Open Redirect - An Attacker can change the redirect link at the parameter "redirectURL" from"GET" request from the url location: /CommunitySSORedirect.jsp?redirectURL=https://google.com. Unvalidated redirects and forwards are possible whe...
Sysaid Sysaid
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »