CVE-2015-2999

SysAid Help Desk <15.2 - SQL Injection

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-2999.

AI-analyzed exploit summary: This document provides a detailed technical analysis of multiple vulnerabilities in SysAid Help Desk 14.4, including SQL injection (CVE-2015-2999), file upload, arbitrary file download, and path disclosure. It includes proof-of-concept requests and explanations of exploitation constraints.

Description

Multiple SQL injection vulnerabilities in SysAid Help Desk before 15.2 allow remote administrators to execute arbitrary SQL commands via the (1) groupFilter parameter in an AssetDetails report to /genericreport, customSQL parameter in a (2) TopAdministratorsByAverageTimer report or an (3) ActiveRequests report to /genericreport, (4) dir parameter to HelpDesk.jsp, or (5) grantSQL parameter to RFCGantt.jsp.

Exploits (1)

exploitdb WRITEUP
webapps · hardware
https://www.exploit-db.com/exploits/43885

Classification: Writeup 100%
Attack Type: SQLi | RCE | Info Leak | Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: SysAid Help Desk 14.4
No auth needed
Prerequisites: Network access to the target · Java 7u25 or lower for unauthenticated file upload
devstral-2 · analyzed Feb 19, 2026

References (5)

Core References
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Jun/8
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/535679/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/75038

Scores

EPSS: 0.0181
EPSS Percentile: 75.8%

Details

CWE: CWE-89
Status: published
Products (1): sysaid/sysaid < 15.1
Published: Jun 08, 2015
Tracked Since: Feb 18, 2026