6 matches found
SysAid Help Desk <15.2 - Local File Inclusion
SysAid Help Desk before 15.2 contains multiple local file inclusion vulnerabilities which can allow remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter of getGfiUpgradeFile or cause a denial of service (CPU and memory consumption) via a .. (dot dot) in the fileName paramet...
SysAid Help Desk Arbitrary File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SysAid Help Desk Arbitrary File Download', 'Description' = %q This module exploits two vulnerabilities in SysAid Help Desk that allows an...
SysAid Help Desk Database Credentials Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'SysAid Help Desk Database Credentials Disclosure', 'Description' = %q This module exploits a vulnerability in SysAid Help Desk...
CVE-2015-2996
creationtimestamp | type | source
---|---|---
2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/sysaidfiledownload.rb
2018-05-29 15:50:33+00:00 | seen | ...
CVE-2015-2996
CVE-2015-2996 affects SysAid Help Desk prior to 15.2. It involves directory traversal vulnerabilities that allow remote attackers to read arbitrary files via .. in the fileName parameter to getGfiUpgradeFile, and to cause a denial of service via .. in the fileName parameter to calculateRdsFileChe...
SysAid Help Desk Arbitrary File Download
This module exploits two vulnerabilities in SysAid Help Desk that allow an unauthenticated user to download arbitrary files from the system. First, an information disclosure vulnerability (CVE-2015-2997) is used to obtain the file system path, and then we abuse a directory traversal (CVE-2015-2996) ...