Overit Geocall vulnerabilities
6 known vulnerabilities affecting overit/geocall.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2022-22834P3HIGHCVSS 8.8fixed in 8.02022-03-10
CVE-2022-22834 [HIGH] CWE-91 CVE-2022-22834: An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test Trasfor
An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XSLT Injection vulnerability. Attackers could exploit this issue to achieve remote code execution.
nvd
CVE-2019-5890P3HIGHCVSS 8.8v6.32019-04-01
CVE-2019-5890 [HIGH] CWE-287 CVE-2019-5890: An issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and session
An issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and session management allows an authenticated user to obtain access to the Administrative control panel and execute administrative functions.
nvd
CVE-2022-22835P3MEDIUMCVSS 6.5fixed in 8.02022-03-10
CVE-2022-22835 [MEDIUM] CWE-611 CVE-2022-22835: An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the Test
An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XXE vulnerability to read arbitrary files from the filesystem.
nvd
CVE-2019-5891P3CRITICALCVSS 9.8v6.32019-04-01
CVE-2019-5891 [CRITICAL] CVE-2019-5891: An issue was discovered in OverIT Geocall 6.3 before build 2:346977. An unauthenticated servlet allo
An issue was discovered in OverIT Geocall 6.3 before build 2:346977. An unauthenticated servlet allows an attacker to obtain a cookie of an authenticated user, and login to the web application.
nvd
CVE-2019-5889P3HIGHCVSS 7.5v6.32019-04-01
CVE-2019-5889 [HIGH] CWE-22 CVE-2019-5889: An log-management directory traversal issue was discovered in OverIT Geocall 6.3 before build 2:3469
An log-management directory traversal issue was discovered in OverIT Geocall 6.3 before build 2:346977.
nvd
CVE-2019-5888P4MEDIUMCVSS 6.1v6.32019-04-01
CVE-2019-5888 [MEDIUM] CWE-79 CVE-2019-5888: Multiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 before build 2:346977.
Multiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 before build 2:346977.
nvd