2 matches found
CVE-2007-5259
The CVE-2007-5259 entry describes a CSRF vulnerability in Ilient SysAid 4.5.03 and 4.5.04. The issue allows remote attackers to perform administrator-level actions, demonstrated by changing the administrator password. The affected product is Ilient SysAid (versions 4.5.03/4.5.04); the root cause ...
CVE-2008-2179
CVE-2008-2179 describes a cross-site scripting (XSS) vulnerability in SysAid 5.1.08 affecting SystemList.jsp, exploitable via the searchField parameter. The vulnerability allows remote attackers to inject arbitrary web script or HTML. No exploitation status, remediation steps, or affected product...