Total
29 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-22798 | 1 Sysaid | 1 Sysaid | 2024-11-21 | 9.0 HIGH | 6.8 MEDIUM |
Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22.1.30 b49 - An attacker needs to log in as a guest after that the system redirects him to the service portal or EndUserPortal.JSP, then he needs to change the path in the URL to /ConcurrentLogin%2ejsp after that he will receive an error message with a login button, by clicking on it, he will connect to the system dashboard. The attacker can receive sensitive data like server details, usernames, workstations, etc. He can also perform actions such as uploading files, deleting calls from the system. | |||||
CVE-2022-22797 | 1 Sysaid | 1 Sysaid | 2024-11-21 | 5.8 MEDIUM | 4.6 MEDIUM |
Sysaid – sysaid Open Redirect - An Attacker can change the redirect link at the parameter "redirectURL" from"GET" request from the url location: /CommunitySSORedirect.jsp?redirectURL=https://google.com. Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. | |||||
CVE-2022-22796 | 1 Sysaid | 1 Sysaid | 2024-11-21 | 10.0 HIGH | 7.0 HIGH |
Sysaid – Sysaid System Takeover - An attacker can bypass the authentication process by accessing to: /wmiwizard.jsp, Then to: /ConcurrentLogin.jsp, then click on the login button, and it will redirect you to /home.jsp without any authentication. | |||||
CVE-2021-43973 | 1 Sysaid | 1 Sysaid | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
An unrestricted file upload vulnerability in /UploadPsIcon.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to upload an arbitrary file via the file parameter in the HTTP POST body. A successful request returns the absolute, server-side filesystem path of the uploaded file. | |||||
CVE-2021-43972 | 1 Sysaid | 1 Sysaid | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
An unrestricted file copy vulnerability in /UserSelfServiceSettings.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to copy arbitrary files on the server filesystem to the web root (with an arbitrary filename) via the tempFile and fileName parameters in the HTTP POST body. | |||||
CVE-2021-43971 | 1 Sysaid | 1 Sysaid | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to execute arbitrary SQL commands via the filterText parameter. | |||||
CVE-2021-31862 | 1 Sysaid | 1 Sysaid | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication. | |||||
CVE-2021-30486 | 1 Sysaid | 1 Sysaid | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
SysAid 20.3.64 b14 is affected by Blind and Stacker SQL injection via AssetManagementChart.jsp (GET computerID), AssetManagementChart.jsp (POST group1), AssetManagementList.jsp (GET computerID or group1), or AssetManagementSummary.jsp (GET group1). | |||||
CVE-2021-30049 | 1 Sysaid | 1 Sysaid | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
SysAid 20.3.64 b14 is affected by Cross Site Scripting (XSS) via a /KeepAlive.jsp?stamp= URI. |