Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sysaid sysaid vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-27775
SysAid before version 23.2.14 b18 - CWE-918: Server-Side Request Forgery (SSRF) may allow exposing the local OS user's NTLMv2 hash
NA
CVE-2023-47247
In SysAid On-Premise prior to 23.3.34, there is an edge case in which an end user is able to delete a Knowledge Base article, aka bug 15102.
Sysaid Sysaid
NA
CVE-2023-33706
SysAid prior to 23.2.15 allows Indirect Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp.
Sysaid Sysaid
NA
CVE-2023-47246
In SysAid On-Premise prior to 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
Sysaid Sysaid On-premises
2 Github repositories
1 Article
NA
CVE-2023-32225
Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method.
Sysaid Sysaid On-premises
NA
CVE-2023-32226
Sysaid - CWE-552: Files or Directories Accessible to External Parties - Authenticated users may exfiltrate files from the server via an unspecified method.
Sysaid Sysaid On-premises
NA
CVE-2022-40323
SysAid Help Desk prior to 22.1.65 allows XSS in the Password Services module, aka FR# 67241.
Sysaid Help Desk
NA
CVE-2022-40325
SysAid Help Desk prior to 22.1.65 allows XSS via the Asset Dashboard, aka FR# 67262.
Sysaid Help Desk
NA
CVE-2022-40322
SysAid Help Desk prior to 22.1.65 allows XSS, aka FR# 66542 and 65579.
Sysaid Help Desk
NA
CVE-2022-40324
SysAid Help Desk prior to 22.1.65 allows XSS via the Linked SRs field, aka FR# 67258.
Sysaid Help Desk
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4