Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sysaid sysaid 20.4.74 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2021-43972
An unrestricted file copy vulnerability in /UserSelfServiceSettings.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated malicious user to copy arbitrary files on the server filesystem to the web root (with an arbitrary filename) via the tempFile and fileName parameters i...
Sysaid Sysaid 20.4.74
578
VMScore
CVE-2021-43973
An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated malicious user to upload an arbitrary file via the file parameter in the HTTP POST body. A successful request returns the absolute, server-side filesystem path ...
Sysaid Sysaid 20.4.74
578
VMScore
CVE-2021-43971
A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated malicious user to execute arbitrary SQL commands via the filterText parameter.
Sysaid Sysaid 20.4.74
445
VMScore
CVE-2021-43974
An issue exists in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register end users anonymously, but does not respect the server-side setting that determines if anonymous users are allowed to register new accounts. Configuring the server-side setting to disable ano...
Sysaid Itil 20.4.74
383
VMScore
CVE-2021-31862
SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication.
Sysaid Sysaid 20.4.74
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started