Skip to main content

Sysaid

26 CVEs product

Monthly

CVE-2025-2777 CRITICAL POC THREAT Emergency

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing functionality, allowing for administrator account takeover and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.6%.

XXE Sysaid
NVD
CVSS 3.1
9.3
EPSS
24.6%
Threat
4.1
CVE-2025-2776 CRITICAL POC KEV THREAT Emergency

SysAid On-Prem contains a second unauthenticated XXE injection in Server URL processing, providing an alternative attack path to the Checkin XXE (CVE-2025-2775) for admin takeover.

XXE Sysaid
NVD
CVSS 3.1
9.3
EPSS
62.6%
Threat
6.7
CVE-2025-2775 CRITICAL POC KEV THREAT Emergency

SysAid On-Prem versions through 23.3.40 contain an unauthenticated XXE injection in the Checkin processing, enabling administrator account takeover and file read primitives.

XXE Sysaid
NVD
CVSS 3.1
9.3
EPSS
69.8%
Threat
7.0
CVE-2024-36394 CRITICAL Act Now

SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Sysaid
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-36393 CRITICAL Act Now

SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Sysaid
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-47247 MEDIUM This Month

In SysAid On-Premise before 23.3.34, there is an edge case in which an end user is able to delete a Knowledge Base article, aka bug 15102. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sysaid
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-33706 MEDIUM POC This Month

SysAid before 23.2.15 allows Indirect Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Sysaid
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-47246 CRITICAL POC KEV THREAT Act Now

In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tomcat RCE Path Traversal Sysaid
NVD
CVSS 3.1
9.8
EPSS
98.9%
CVE-2022-23166 CRITICAL Act Now

Sysaid - Sysaid Local File Inclusion (LFI) - An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Sysaid
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-23165 MEDIUM This Month

Sysaid - Sysaid 14.2.0 Reflected Cross-Site Scripting (XSS) - The parameter "helpPageName" used by the page "/help/treecontent.jsp" suffers from a Reflected Cross-Site Scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Sysaid
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-22798 HIGH This Week

Sysaid - Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22.1.30 b49 - An attacker needs to log in as a guest after that the system redirects him to the service. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sysaid
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-22797 MEDIUM This Month

Sysaid - sysaid Open Redirect - An Attacker can change the redirect link at the parameter "redirectURL" from"GET" request from the url location:. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Open Redirect Sysaid
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-22796 CRITICAL Act Now

Sysaid - Sysaid System Takeover - An attacker can bypass the authentication process by accessing to: /wmiwizard.jsp, Then to: /ConcurrentLogin.jsp, then click on the login button, and it will. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sysaid
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-31862 MEDIUM POC This Month

SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sysaid
NVD GitHub
CVSS 3.1
6.1
EPSS
3.9%
CVE-2021-30486 HIGH POC This Week

SysAid 20.3.64 b14 is affected by Blind and Stacker SQL injection via AssetManagementChart.jsp (GET computerID), AssetManagementChart.jsp (POST group1), AssetManagementList.jsp (GET computerID or. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Sysaid
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2021-30049 MEDIUM POC This Month

SysAid 20.3.64 b14 is affected by Cross Site Scripting (XSS) via a /KeepAlive.jsp?stamp= URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sysaid
NVD
CVSS 3.1
6.1
EPSS
2.5%
CVE-2015-3001 MEDIUM POC THREAT This Month

SysAid Help Desk before 15.2 uses a hardcoded password of Password1 for the sa SQL Server Express user account, which allows remote authenticated users to bypass intended access restrictions by. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 13.7%.

Authentication Bypass Sysaid
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
13.7%
CVE-2015-3000 HIGH POC THREAT Act Now

SysAid Help Desk before 15.2 allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an XML document to (1) /agententry,. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 20.1%.

Denial Of Service Sysaid
NVD Exploit-DB
CVSS 2.0
7.8
EPSS
20.1%
CVE-2015-2999 MEDIUM POC This Month

Multiple SQL injection vulnerabilities in SysAid Help Desk before 15.2 allow remote administrators to execute arbitrary SQL commands via the (1) groupFilter parameter in an AssetDetails report to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Sysaid
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
1.0%
CVE-2015-2998 MEDIUM POC THREAT This Month

SysAid Help Desk before 15.2 uses a hardcoded encryption key, which makes it easier for remote attackers to obtain sensitive information, as demonstrated by decrypting the database password in. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 62.2%.

Information Disclosure Sysaid
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
62.2%
Threat
4.4
CVE-2015-2997 MEDIUM POC THREAT This Month

SysAid Help Desk before 15.2 allows remote attackers to obtain sensitive information via an invalid value in the accountid parameter to getAgentLogFile, as demonstrated by a large directory traversal. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 80.8%.

Path Traversal Information Disclosure Sysaid
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
80.8%
Threat
4.9
CVE-2015-2996 HIGH POC THREAT Act Now

Multiple directory traversal vulnerabilities in SysAid Help Desk before 15.2 allow remote attackers to (1) read arbitrary files via a .. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 88.2%.

Path Traversal Denial Of Service Sysaid
NVD Exploit-DB
CVSS 2.0
8.5
EPSS
88.2%
Threat
5.8
CVE-2015-2995 MEDIUM POC THREAT This Month

The RdsLogsEntry servlet in SysAid Help Desk before 15.2 does not properly check file extensions, which allows remote attackers to upload and execute arbitrary files via a NULL byte after the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 79.2%.

Path Traversal Sysaid
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
79.2%
Threat
5.2
CVE-2015-2994 MEDIUM POC THREAT This Month

Unrestricted file upload vulnerability in ChangePhoto.jsp in SysAid Help Desk before 15.2 allows remote administrators to execute arbitrary code by uploading a file with a .jsp extension, then. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 76.9%.

RCE File Upload Sysaid
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
76.9%
Threat
5.1
CVE-2015-2993 HIGH POC THREAT Act Now

SysAid Help Desk before 15.2 does not properly restrict access to certain functionality, which allows remote attackers to (1) create administrator accounts via a crafted request to /createnewaccount. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 77.0%.

Privilege Escalation Sysaid
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
77.0%
Threat
5.3
CVE-2014-9436 MEDIUM POC THREAT This Month

Absolute path traversal vulnerability in SysAid On-Premise before 14.4.2 allows remote attackers to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.5%.

Path Traversal Sysaid
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
14.5%
EPSS 25% 4.1 CVSS 9.3
CRITICAL POC THREAT Emergency

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing functionality, allowing for administrator account takeover and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.6%.

XXE Sysaid
NVD
EPSS 63% 6.7 CVSS 9.3
CRITICAL POC KEV THREAT Emergency

SysAid On-Prem contains a second unauthenticated XXE injection in Server URL processing, providing an alternative attack path to the Checkin XXE (CVE-2025-2775) for admin takeover.

XXE Sysaid
NVD
EPSS 70% 7.0 CVSS 9.3
CRITICAL POC KEV THREAT Emergency

SysAid On-Prem versions through 23.3.40 contain an unauthenticated XXE injection in the Checkin processing, enabling administrator account takeover and file read primitives.

XXE Sysaid
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Sysaid
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Sysaid
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

In SysAid On-Premise before 23.3.34, there is an edge case in which an end user is able to delete a Knowledge Base article, aka bug 15102. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sysaid
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

SysAid before 23.2.15 allows Indirect Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Sysaid
NVD
EPSS 99% CVSS 9.8
CRITICAL POC KEV THREAT Act Now

In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tomcat RCE Path Traversal +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Sysaid - Sysaid Local File Inclusion (LFI) - An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Sysaid
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Sysaid - Sysaid 14.2.0 Reflected Cross-Site Scripting (XSS) - The parameter "helpPageName" used by the page "/help/treecontent.jsp" suffers from a Reflected Cross-Site Scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Sysaid
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Sysaid - Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22.1.30 b49 - An attacker needs to log in as a guest after that the system redirects him to the service. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Sysaid
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Sysaid - sysaid Open Redirect - An Attacker can change the redirect link at the parameter "redirectURL" from"GET" request from the url location:. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Open Redirect Sysaid
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Sysaid - Sysaid System Takeover - An attacker can bypass the authentication process by accessing to: /wmiwizard.jsp, Then to: /ConcurrentLogin.jsp, then click on the login button, and it will. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sysaid
NVD
EPSS 4% CVSS 6.1
MEDIUM POC This Month

SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sysaid
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

SysAid 20.3.64 b14 is affected by Blind and Stacker SQL injection via AssetManagementChart.jsp (GET computerID), AssetManagementChart.jsp (POST group1), AssetManagementList.jsp (GET computerID or. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Sysaid
NVD
EPSS 2% CVSS 6.1
MEDIUM POC This Month

SysAid 20.3.64 b14 is affected by Cross Site Scripting (XSS) via a /KeepAlive.jsp?stamp= URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sysaid
NVD
EPSS 14% CVSS 5.0
MEDIUM POC THREAT This Month

SysAid Help Desk before 15.2 uses a hardcoded password of Password1 for the sa SQL Server Express user account, which allows remote authenticated users to bypass intended access restrictions by. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 13.7%.

Authentication Bypass Sysaid
NVD Exploit-DB
EPSS 20% CVSS 7.8
HIGH POC THREAT Act Now

SysAid Help Desk before 15.2 allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an XML document to (1) /agententry,. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 20.1%.

Denial Of Service Sysaid
NVD Exploit-DB
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Multiple SQL injection vulnerabilities in SysAid Help Desk before 15.2 allow remote administrators to execute arbitrary SQL commands via the (1) groupFilter parameter in an AssetDetails report to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Sysaid
NVD Exploit-DB
EPSS 62% 4.4 CVSS 5.0
MEDIUM POC THREAT This Month

SysAid Help Desk before 15.2 uses a hardcoded encryption key, which makes it easier for remote attackers to obtain sensitive information, as demonstrated by decrypting the database password in. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 62.2%.

Information Disclosure Sysaid
NVD Exploit-DB
EPSS 81% 4.9 CVSS 5.0
MEDIUM POC THREAT This Month

SysAid Help Desk before 15.2 allows remote attackers to obtain sensitive information via an invalid value in the accountid parameter to getAgentLogFile, as demonstrated by a large directory traversal. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 80.8%.

Path Traversal Information Disclosure Sysaid
NVD Exploit-DB
EPSS 88% 5.8 CVSS 8.5
HIGH POC THREAT Act Now

Multiple directory traversal vulnerabilities in SysAid Help Desk before 15.2 allow remote attackers to (1) read arbitrary files via a .. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 88.2%.

Path Traversal Denial Of Service Sysaid
NVD Exploit-DB
EPSS 79% 5.2 CVSS 6.8
MEDIUM POC THREAT This Month

The RdsLogsEntry servlet in SysAid Help Desk before 15.2 does not properly check file extensions, which allows remote attackers to upload and execute arbitrary files via a NULL byte after the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 79.2%.

Path Traversal Sysaid
NVD Exploit-DB
EPSS 77% 5.1 CVSS 6.5
MEDIUM POC THREAT This Month

Unrestricted file upload vulnerability in ChangePhoto.jsp in SysAid Help Desk before 15.2 allows remote administrators to execute arbitrary code by uploading a file with a .jsp extension, then. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 76.9%.

RCE File Upload Sysaid
NVD Exploit-DB
EPSS 77% 5.3 CVSS 7.5
HIGH POC THREAT Act Now

SysAid Help Desk before 15.2 does not properly restrict access to certain functionality, which allows remote attackers to (1) create administrator accounts via a crafted request to /createnewaccount. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 77.0%.

Privilege Escalation Sysaid
NVD Exploit-DB
EPSS 15% CVSS 5.0
MEDIUM POC THREAT This Month

Absolute path traversal vulnerability in SysAid On-Premise before 14.4.2 allows remote attackers to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.5%.

Path Traversal Sysaid
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy