CVE-2015-2994

Related Files

SysAid Help Desk Administrator Portal Arbitrary File Upload

Posted Jul 17, 2015

Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk. The vulnerability exists in the ChangePhoto.jsp in the administrator portal, which does not handle correctly directory traversal sequences and does not enforce file extension restrictions. You need to have an administrator account, but there is a Metasploit auxiliary module that can create one for you. This Metasploit module has been tested in SysAid v14.4 in both Linux and Windows.

tags | exploit, file upload

systems | linux, windows

advisories | CVE-2015-2994

SHA-256 | 0c208d2f198e77dc853b8bf460e5001c9fc1655e2c941edb66fcee493d8b936a

Download | Favorite | View

SysAid Help Desk 14.4 Code Execution / Denial Of Service / Traversal / SQL Injection

Posted Jun 3, 2015

Authored by Pedro Ribeiro

SysAid Help Desk version 14.4 suffers from code execution, denial of service, path disclosure, remote file upload, remote SQL injection, directory traversal, file download, and various other vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, code execution, sql injection, file upload

advisories | CVE-2015-2993, CVE-2015-2994, CVE-2015-2995, CVE-2015-2996, CVE-2015-2997, CVE-2015-2998, CVE-2015-2999, CVE-2015-3000, CVE-2015-3001

SHA-256 | 093017574bd7478707d43e7e2b1e19064b8c055c7cf9ea2fe8f3083b6a50e5cb

Download | Favorite | View