Vulnerabilities (CVE)

Filtered by vendor Overit Subscribe
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-5891 1 Overit 1 Geocall 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered in OverIT Geocall 6.3 before build 2:346977. An unauthenticated servlet allows an attacker to obtain a cookie of an authenticated user, and login to the web application.
CVE-2019-5890 1 Overit 1 Geocall 2024-11-21 9.0 HIGH 8.8 HIGH
An issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and session management allows an authenticated user to obtain access to the Administrative control panel and execute administrative functions.
CVE-2019-5889 1 Overit 1 Geocall 2024-11-21 5.0 MEDIUM 7.5 HIGH
An log-management directory traversal issue was discovered in OverIT Geocall 6.3 before build 2:346977.
CVE-2019-5888 1 Overit 1 Geocall 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Multiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 before build 2:346977.
CVE-2022-22835 1 Overit 1 Geocall 2024-09-18 3.5 LOW 6.5 MEDIUM
An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XXE vulnerability to read arbitrary files from the filesystem.
CVE-2022-22834 1 Overit 1 Geocall 2024-09-18 6.0 MEDIUM 8.8 HIGH
An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XSLT Injection vulnerability. Attackers could exploit this issue to achieve remote code execution.