Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-23166

Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. in the "Insert/Edit Embedded Media" window Choose Type : iFrame and File/URL : [here is the LFI] Solution: Update to 22.2.20 cloud version, or to 22.1.64 on premise version.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 10.0
Products affected by CVE-2022-23166
  • Sysaid » Sysaid » Version: N/A
    cpe:2.3:a:sysaid:sysaid:-
  • Sysaid » Sysaid » Version: 21.1.30
    cpe:2.3:a:sysaid:sysaid:21.1.30
  • Sysaid » Sysaid » Version: 21.1.50
    cpe:2.3:a:sysaid:sysaid:21.1.50
  • Sysaid » Sysaid » Version: 21.4.45
    cpe:2.3:a:sysaid:sysaid:21.4.45
  • Sysaid » Sysaid » Version: 22.1.50
    cpe:2.3:a:sysaid:sysaid:22.1.50


Products
Pricing
Contact Us

Shodan ® - All rights reserved