Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-22835 | 1 Overit | 1 Geocall | 2024-09-18 | 3.5 LOW | 6.5 MEDIUM |
An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XXE vulnerability to read arbitrary files from the filesystem. | |||||
CVE-2022-22834 | 1 Overit | 1 Geocall | 2024-09-18 | 6.0 MEDIUM | 8.8 HIGH |
An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XSLT Injection vulnerability. Attackers could exploit this issue to achieve remote code execution. | |||||
CVE-2019-5888 | 1 Overit | 1 Geocall | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Multiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 before build 2:346977. | |||||
CVE-2019-5890 | 1 Overit | 1 Geocall | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
An issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and session management allows an authenticated user to obtain access to the Administrative control panel and execute administrative functions. | |||||
CVE-2019-5891 | 1 Overit | 1 Geocall | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
An issue was discovered in OverIT Geocall 6.3 before build 2:346977. An unauthenticated servlet allows an attacker to obtain a cookie of an authenticated user, and login to the web application. | |||||
CVE-2019-5889 | 1 Overit | 1 Geocall | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An log-management directory traversal issue was discovered in OverIT Geocall 6.3 before build 2:346977. |