CVE-2015-2999
CVE-2015-2999: SysAid Help Desk prior to 15.2 contains multiple SQL injection vulnerabilities. The injected vectors include (1) groupFilter in AssetDetails via /genericreport, (2) customSQL in TopAdministratorsByAverageTimer and (3) ActiveRequests via /genericreport, (4) dir parameter to HelpDesk...