Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sysaid sysaid vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-40322
SysAid Help Desk prior to 22.1.65 allows XSS, aka FR# 66542 and 65579.
Sysaid Help Desk
NA
CVE-2022-40323
SysAid Help Desk prior to 22.1.65 allows XSS in the Password Services module, aka FR# 67241.
Sysaid Help Desk
NA
CVE-2022-40325
SysAid Help Desk prior to 22.1.65 allows XSS via the Asset Dashboard, aka FR# 67262.
Sysaid Help Desk
NA
CVE-2022-40324
SysAid Help Desk prior to 22.1.65 allows XSS via the Linked SRs field, aka FR# 67258.
Sysaid Help Desk
606
VMScore
CVE-2022-23170
SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection vulnerability. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated attacker could exploit the XXE vulnerability by sending a malformed POST request ...
Sysaid Okta Sso
445
VMScore
CVE-2021-36721
Sysaid API User Enumeration - Attacker sending requests to specific api path without any authorization prior to 21.3.60 version could get users names from the LDAP server.
Sysaid Application Programming Interface
890
VMScore
CVE-2020-10569
SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to execute commands on the system by chaining it with a GhostCat attack. NOTE: This may...
Sysaid On-premise 20.1.11
NA
CVE-2024-27775
SysAid before version 23.2.14 b18 - CWE-918: Server-Side Request Forgery (SSRF) may allow exposing the local OS user's NTLMv2 hash
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4