VYPR: Vendor CVEs for SysAid

All CVEs: 38 total, sorted by VYPR risk score (highest first). Each entry lists the risk score, the CVSS score where the page shows one, and the EPSS exploitation probability; "KEV" marks entries in CISA's Known Exploited Vulnerabilities catalog.
  • CVE-2024-27775 · High · Mar 28, 2024
    risk 0.47 · cvss 7.2 · epss 0.01

    SysAid before version 23.2.14 b18: CWE-918 Server-Side Request Forgery (SSRF) that may expose the local OS user's NTLMv2 hash.

  • CVE-2023-47246 · KEV · Nov 10, 2023
    risk 0.26 · cvss not listed · epss 0.99

    In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.

  • CVE-2025-2775 · KEV · May 7, 2025
    risk 0.18 · cvss not listed · epss 0.55

    SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.

  • CVE-2025-2776 · KEV · May 7, 2025
    risk 0.17 · cvss not listed · epss 0.73

    SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives.

  • CVE-2015-2996 · Jun 8, 2015
    risk 0.10 · cvss not listed · epss 0.87

    Multiple directory traversal vulnerabilities in SysAid Help Desk before 15.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the fileName parameter to getGfiUpgradeFile or (2) cause a denial of service (CPU and memory consumption) via a .. (dot dot) in…

  • CVE-2015-2997 · Jun 8, 2015
    risk 0.08 · cvss not listed · epss 0.57

    SysAid Help Desk before 15.2 allows remote attackers to obtain sensitive information via an invalid value in the accountid parameter to getAgentLogFile, as demonstrated by a large directory traversal sequence, which reveals the installation path in an error message.

  • CVE-2015-2994 · Jun 8, 2015
    risk 0.07 · cvss not listed · epss 0.50

    Unrestricted file upload vulnerability in ChangePhoto.jsp in SysAid Help Desk before 15.2 allows remote administrators to execute arbitrary code by uploading a file with a .jsp extension, then accessing it via a direct request to the file in icons/user_photo/.

  • CVE-2015-2993 · Jun 8, 2015
    risk 0.07 · cvss not listed · epss 0.55

    SysAid Help Desk before 15.2 does not properly restrict access to certain functionality, which allows remote attackers to (1) create administrator accounts via a crafted request to /createnewaccount or (2) write to arbitrary files via the fileName parameter to /userentry.

  • CVE-2015-2995 · Jun 8, 2015
    risk 0.06 · cvss not listed · epss 0.34

    The RdsLogsEntry servlet in SysAid Help Desk before 15.2 does not properly check file extensions, which allows remote attackers to upload and execute arbitrary files via a NULL byte after the extension, as demonstrated by a .war%00 file.

  • CVE-2015-2998 · Jun 8, 2015
    risk 0.05 · cvss not listed · epss 0.26

    SysAid Help Desk before 15.2 uses a hardcoded encryption key, which makes it easier for remote attackers to obtain sensitive information, as demonstrated by decrypting the database password in WEB-INF/conf/serverConf.xml.

  • CVE-2015-3001 · Jun 8, 2015
    risk 0.04 · cvss not listed · epss 0.07

    SysAid Help Desk before 15.2 uses a hardcoded password of Password1 for the sa SQL Server Express user account, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password.

  • CVE-2015-3000 · Jun 8, 2015
    risk 0.04 · cvss not listed · epss 0.08

    SysAid Help Desk before 15.2 allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an XML document to (1) /agententry, (2) /rdsmonitoringresponse, or (3) /androidactions, aka an XML Entity Expansion…

  • CVE-2014-9436 · Jan 2, 2015
    risk 0.04 · cvss not listed · epss 0.07

    Absolute path traversal vulnerability in SysAid On-Premise before 14.4.2 allows remote attackers to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile.

  • CVE-2021-31862 · Oct 29, 2021
    risk 0.03 · cvss not listed · epss 0.04

    SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication.

  • CVE-2015-2999 · Jun 8, 2015
    risk 0.03 · cvss not listed · epss 0.02

    Multiple SQL injection vulnerabilities in SysAid Help Desk before 15.2 allow remote administrators to execute arbitrary SQL commands via the (1) groupFilter parameter in an AssetDetails report to /genericreport, customSQL parameter in a (2) TopAdministratorsByAverageTimer report…

  • CVE-2025-2777 · May 7, 2025
    risk 0.02 · cvss not listed · epss 0.79

    SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing functionality, allowing for administrator account takeover and file read primitives.

  • CVE-2021-30049 · Jul 22, 2021
    risk 0.01 · cvss not listed · epss 0.02

    SysAid 20.3.64 b14 is affected by Cross Site Scripting (XSS) via a /KeepAlive.jsp?stamp= URI.

  • CVE-2024-36394 · Jun 6, 2024
    risk 0.00 · cvss not listed · epss 0.01

    SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

  • CVE-2024-36393 · Jun 6, 2024
    risk 0.00 · cvss not listed · epss 0.00

    SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

  • CVE-2023-47247 · Dec 25, 2023
    risk 0.00 · cvss not listed · epss 0.00

    In SysAid On-Premise before 23.3.34, there is an edge case in which an end user is able to delete a Knowledge Base article, aka bug 15102.

  • CVE-2023-33706 · Nov 24, 2023
    risk 0.00 · cvss not listed · epss 0.01

    SysAid before 23.2.15 allows Insecure Direct Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp.

  • CVE-2023-32226 · Jul 30, 2023
    risk 0.00 · cvss not listed · epss 0.00

    SysAid - CWE-552: Files or Directories Accessible to External Parties - Authenticated users may exfiltrate files from the server via an unspecified method.

  • CVE-2023-32225 · Jul 30, 2023
    risk 0.00 · cvss not listed · epss 0.01

    SysAid - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous file type via an unspecified method.

  • CVE-2022-23170 · Jun 24, 2022
    risk 0.00 · cvss not listed · epss 0.01

    SysAid Okta SSO integration is vulnerable to XML External Entity (XXE) injection. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated attacker could exploit the XXE vulnerability by sending a malformed POST request…

  • CVE-2022-23166 · May 12, 2022
    risk 0.00 · cvss not listed · epss 0.01

    SysAid Local File Inclusion (LFI): an unauthenticated attacker can reach the "/lib/tinymce/examples/index.html" path; in the "Insert/Edit Embedded Media" window, choose Type: iFrame and File/URL: [here is the LFI]. Solution: Update to…

  • CVE-2022-23165 · May 12, 2022
    risk 0.00 · cvss not listed · epss 0.00

    SysAid 14.2.0 Reflected Cross-Site Scripting (XSS): the "helpPageName" parameter of the "/help/treecontent.jsp" page suffers from a reflected Cross-Site Scripting vulnerability. For an attacker to exploit this Cross-Site Scripting vulnerability, it's necessary…

  • CVE-2022-22798 · May 12, 2022
    risk 0.00 · cvss not listed · epss 0.01

    SysAid Pro Plus Edition, SysAid Help Desk broken access control in v20.4.74 b10, v22.1.20 b62 and v22.1.30 b49: an attacker logs in as a guest, the system redirects to the service portal or EndUserPortal.JSP, and the attacker then changes the path in the URL to…

  • CVE-2022-22797 · May 12, 2022
    risk 0.00 · cvss not listed · epss 0.00

    SysAid open redirect: an attacker can change the redirect target via the "redirectURL" parameter of a GET request to /CommunitySSORedirect.jsp?redirectURL=https://google.com. Unvalidated redirects and forwards are possible when a web application…

  • CVE-2022-22796 · May 12, 2022
    risk 0.00 · cvss not listed · epss 0.01

    SysAid system takeover: an attacker can bypass authentication by requesting /wmiwizard.jsp, then /ConcurrentLogin.jsp, and clicking the login button, which redirects to /home.jsp without any authentication.

  • CVE-2021-43974 · Jan 11, 2022
    risk 0.00 · cvss not listed · epss 0.01

    An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register end users anonymously, but does not respect the server-side setting that determines if anonymous users are allowed to register new accounts. Configuring the server-side setting to…

  • CVE-2021-43973 · Jan 11, 2022
    risk 0.00 · cvss not listed · epss 0.02

    An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to upload an arbitrary file via the file parameter in the HTTP POST body. A successful request returns the absolute, server-side filesystem path of…

  • CVE-2021-43972 · Jan 11, 2022
    risk 0.00 · cvss not listed · epss 0.01

    An unrestricted file copy vulnerability in /UserSelfServiceSettings.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to copy arbitrary files on the server filesystem to the web root (with an arbitrary filename) via the tempFile and fileName parameters in the…

  • CVE-2021-43971 · Jan 11, 2022
    risk 0.00 · cvss not listed · epss 0.02

    A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to execute arbitrary SQL commands via the filterText parameter.

  • CVE-2021-36721 · Dec 14, 2021
    risk 0.00 · cvss not listed · epss 0.00

    SysAid API user enumeration: before version 21.3.60, an attacker sending requests to a specific API path without any authorization could obtain user names from the LDAP server.

  • CVE-2021-30486 · Jul 22, 2021
    risk 0.00 · cvss not listed · epss 0.01

    SysAid 20.3.64 b14 is affected by blind and stacked SQL injection via AssetManagementChart.jsp (GET computerID), AssetManagementChart.jsp (POST group1), AssetManagementList.jsp (GET computerID or group1), or AssetManagementSummary.jsp (GET group1).

  • CVE-2020-13168 · Oct 2, 2020
    risk 0.00 · cvss not listed · epss 0.01

    SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter.

  • CVE-2020-10569 · Apr 21, 2020
    risk 0.00 · cvss not listed · epss 0.03

    SysAid On-Premise 20.1.11 exposes the AJP protocol port by default, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated file upload, which can be chained with GhostCat to execute commands on the system. NOTE: This…

  • CVE-2008-2179 · May 13, 2008
    risk 0.00 · cvss not listed · epss 0.01

    Cross-site scripting (XSS) vulnerability in SystemList.jsp in SysAid 5.1.08 allows remote attackers to inject arbitrary web script or HTML via the searchField parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party…
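Most of the entries above state a version bound ("before 23.3.36", "<= 23.3.40"), which is what a defender actually needs from this list. The script below is an added example for this page, not VYPR's code and not SysAid's: it encodes only the version thresholds the entries above state and reports which of those CVEs an installed version falls under, KEV entries first. Entries that name no fixed version (the 20.x and 22.x "affected at this build" ones) are not modeled. Assumptions: version strings look like "23.3.40", "23.2.14 b18" or "20.1.11b26", as in the entries; a missing build number compares as 0, so "23.2.14" is conservatively treated as earlier than "23.2.14 b18"; "<=" bounds are compared on major.minor.patch only, so every build of 23.3.40 is in range.

```python
"""Triage a SysAid On-Prem version against the version-bounded CVEs in the list above.

Added example (not VYPR's or SysAid's code). Only the "before X" / "<= X" bounds that the
entries above state are encoded; entries without a fixed version are not modeled.
"""
import re
import sys
from typing import NamedTuple


class Version(NamedTuple):
    major: int
    minor: int
    patch: int
    build: int


# Assumed string shapes, taken from the entries: "23.3.40", "23.2.14 b18", "20.1.11b26".
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?\s*(?:b\s*(\d+))?\s*$", re.IGNORECASE)


def parse_version(text: str) -> Version:
    """Parse "23.2.14 b18" -> Version(23, 2, 14, 18); "15.2" -> Version(15, 2, 0, 0).
    A missing build number becomes 0 (conservative: sorts before any real build)."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised SysAid version string: {text!r}")
    major, minor, patch, build = m.groups()
    return Version(int(major), int(minor), int(patch or 0), int(build or 0))


# "before X" bounds from the entries above (exclusive upper bound, build-aware).
BEFORE = {
    "14.4.2": ["CVE-2014-9436"],
    "15.2": [f"CVE-2015-{n}" for n in range(2993, 3002)],
    "21.3.60": ["CVE-2021-36721"],
    "23.2.14 b18": ["CVE-2024-27775"],
    "23.2.15": ["CVE-2023-33706"],
    "23.3.34": ["CVE-2023-47247"],
    "23.3.36": ["CVE-2023-47246"],
}
# "<= X" bounds (inclusive); compared on major.minor.patch so every build of X is in range.
THROUGH = {
    "23.3.40": ["CVE-2025-2775", "CVE-2025-2776", "CVE-2025-2777"],
}
# Entries the list above marks KEV (CISA Known Exploited Vulnerabilities).
KEV = {"CVE-2023-47246", "CVE-2025-2775", "CVE-2025-2776"}


def affected_cves(version_text: str) -> list[tuple[str, str, bool]]:
    """Return (cve_id, matched_bound, is_kev) for each modeled CVE the version falls
    under, with KEV entries first and CVE ids ascending within each group."""
    v = parse_version(version_text)
    hits = []
    for bound, cves in BEFORE.items():
        if v < parse_version(bound):
            hits.extend((cve, f"before {bound}", cve in KEV) for cve in cves)
    for bound, cves in THROUGH.items():
        if v[:3] <= parse_version(bound)[:3]:
            hits.extend((cve, f"<= {bound}", cve in KEV) for cve in cves)
    hits.sort(key=lambda h: (not h[2], h[0]))
    return hits


if __name__ == "__main__":
    # Usage: python sysaid_triage.py "23.3.35 b12"
    installed = sys.argv[1] if len(sys.argv) > 1 else "23.3.40"
    for cve, bound, kev in affected_cves(installed):
        print(f"{cve:16} {bound:18} {'KEV' if kev else ''}")
```

A version on the boundary shows why the build number matters: "23.2.14" is flagged for CVE-2024-27775 while "23.2.14 b18" is not, and "23.3.35 b12" is flagged for the KEV path traversal (before 23.3.36) and all three 2025 XXE entries.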
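The 2014, 2015 and 2021 entries above describe one family of mistakes in how a user-supplied fileName is handled: ".." traversal (CVE-2015-2996, CVE-2015-2993), an absolute path via a four-backslash prefix (CVE-2014-9436), a NUL byte after the extension so that ".war%00" passes an extension check (CVE-2015-2995), and .jsp files landing under the webroot (CVE-2015-2994, CVE-2021-43972). The validator below is an added example, not SysAid's code, showing how a single check on the raw string rejects each of those before any path is built. The allow-list, the base directory name and the exception type are assumptions for illustration.

```python
"""Validate a user-supplied file name before it touches the filesystem.

Added example (not SysAid's code). Rejects the vectors the entries above describe:
traversal, absolute/UNC-style paths, NUL-byte extension tricks, and server-executable
extensions. ALLOWED_EXTENSIONS and the base directory are assumptions.
"""
from pathlib import Path

# Assumption: what this particular endpoint is meant to accept (e.g. a user photo or a log).
ALLOWED_EXTENSIONS = {".png", ".jpg", ".jpeg", ".gif", ".txt", ".log"}
# Anything a servlet container would execute or deploy if it landed under the webroot.
EXECUTABLE_EXTENSIONS = {".jsp", ".jspx", ".war", ".jar", ".class"}


class UnsafeFileName(ValueError):
    """Raised with the reason the name was rejected."""


def safe_join(base_dir: str, user_name: str) -> Path:
    """Return base_dir/user_name if user_name is a plain, allowed file name; else raise."""
    if not user_name or user_name in (".", ".."):
        raise UnsafeFileName("empty or dot-only name")
    if "\x00" in user_name:
        # The container URL-decodes %00 before the parameter reaches the app, so the check
        # runs on the decoded string: "shell.war\x00.txt" (CVE-2015-2995 pattern) is caught
        # even though its last extension looks harmless.
        raise UnsafeFileName("NUL byte in name")
    if "/" in user_name or "\\" in user_name:
        # Rejects "../../x", "\\\\host\\share\\x" and every other path-shaped input
        # (CVE-2015-2996 / CVE-2014-9436 patterns); a bare file name never needs a separator.
        raise UnsafeFileName("path separator in name")
    # Windows silently strips trailing spaces and dots, so judge the extension on the name
    # as the filesystem would see it ("shell.jsp " is really "shell.jsp").
    effective = user_name.rstrip(" .")
    suffixes = {s.lower() for s in Path(effective).suffixes}
    if suffixes & EXECUTABLE_EXTENSIONS:
        # ".jsp" anywhere in the chain ("x.jsp.png") is rejected, not only as the last part.
        raise UnsafeFileName("server-executable extension")
    last = Path(effective).suffix.lower()
    if last not in ALLOWED_EXTENSIONS:
        raise UnsafeFileName(f"extension {last or '(none)'} not allowed")
    base = Path(base_dir).resolve()
    target = (base / effective).resolve()
    # Belt and braces: after the string checks the result must still be a direct child.
    if target.parent != base:
        raise UnsafeFileName("resolved outside base directory")
    return target


def is_safe(base_dir: str, user_name: str) -> bool:
    """Boolean wrapper for callers that only need a verdict."""
    try:
        safe_join(base_dir, user_name)
        return True
    except UnsafeFileName:
        return False


if __name__ == "__main__":
    # Constructed inputs mirroring the vectors in the entries above.
    for name in ["photo.png", "../../etc/passwd", r"\\\\server\share\x.txt",
                 "shell.war\x00.txt", "shell.jsp", "shell.jsp.png", "shell.jsp "]:
        try:
            print(f"{name!r:28} -> {safe_join('icons/user_photo', name)}")
        except UnsafeFileName as e:
            print(f"{name!r:28} -> rejected: {e}")
```

The order of checks is deliberate: every rejection happens on the string, so a hostile name never reaches resolve() or the filesystem, and the final parent check only confirms what the string checks already guarantee.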
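CVE-2020-10569 above is a configuration issue rather than a code bug: an AJP connector reachable from the network. GhostCat is the Tomcat AJP file-read/inclusion bug (CVE-2020-1938), and the fix on the Tomcat side is to bind the connector to loopback, require a shared secret, or remove it. The script below is an added example, not SysAid's or Tomcat's code: it scans a server.xml string and reports, per AJP connector, why it is risky. The two sample configurations are constructed for the example; the attribute names it inspects (address, secretRequired, secret) are Tomcat's own.

```python
"""Audit Tomcat's server.xml for an AJP connector exposed the way CVE-2020-10569 describes.

Added example (not SysAid's or Tomcat's code). Sample server.xml documents are constructed.
"""
import sys
import xml.etree.ElementTree as ET

LOOPBACK = {"127.0.0.1", "::1", "localhost"}


def audit_ajp_connectors(server_xml: str) -> list[tuple[str, list[str]]]:
    """Return (port, reasons) for every AJP connector; an empty reasons list means it passed."""
    root = ET.fromstring(server_xml)
    findings = []
    for conn in root.iter("Connector"):
        if not conn.get("protocol", "HTTP/1.1").upper().startswith("AJP"):
            continue
        reasons = []
        address = conn.get("address")
        if address is None:
            reasons.append("bound to all interfaces")  # Tomcat's default when address is absent
        elif address not in LOOPBACK:
            reasons.append(f"bound to {address}")
        if conn.get("secretRequired", "true").lower() == "false":
            reasons.append("secretRequired=false")
        elif not conn.get("secret"):
            # Tomcat 9.0.31+/8.5.51+ refuse to start the connector without a secret; the older
            # builds that GhostCat hits have no such attribute and accept any AJP client.
            reasons.append("no secret configured")
        findings.append((conn.get("port", "?"), reasons))
    return findings


# Constructed sample: the pre-9.0.31 default shape (what "exposes the AJP port by default" means).
EXPOSED_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443"/>
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
  </Service>
</Server>"""

# Constructed sample: the same connector bound to loopback with a required secret.
HARDENED_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443"/>
    <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1"
               secretRequired="true" secret="replace-with-a-long-random-value"/>
  </Service>
</Server>"""


if __name__ == "__main__":
    # Usage: python audit_ajp.py /path/to/tomcat/conf/server.xml
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else EXPOSED_SERVER_XML
    for port, reasons in audit_ajp_connectors(text):
        print(f"AJP connector on port {port}: {'OK' if not reasons else ', '.join(reasons)}")
```

Run it against the real conf/server.xml of the Tomcat that hosts SysAid; a finding of "bound to all interfaces" on port 8009 is the condition the CVE entry describes, and removing the connector entirely is the simplest fix when nothing in front of Tomcat speaks AJP.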