Geocall Security Vulnerabilities and Issues — Geocall CVE List

Lucene search

OveritGeocall

6 matches found

CVE•added 2022/03/10 5:45 p.m.•156 views

CVE-2022-22834

An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XSLT Injection vulnerability. Attackers could exploit this issue to achieve remote code execution.

8.8CVSS8.9AI score0.05147EPSS

CVE•added 2022/03/10 5:45 p.m.•91 views

CVE-2022-22835

An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XXE vulnerability to read arbitrary files from the filesystem.

6.5CVSS6.3AI score0.02222EPSS

CVE•added 2019/04/01 4:29 p.m.•46 views

CVE-2019-5891

An issue was discovered in OverIT Geocall 6.3 before build 2:346977. An unauthenticated servlet allows an attacker to obtain a cookie of an authenticated user, and login to the web application.

9.8CVSS9.1AI score0.00992EPSS

CVE•added 2019/04/01 4:29 p.m.•35 views

CVE-2019-5890

An issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and session management allows an authenticated user to obtain access to the Administrative control panel and execute administrative functions.

9CVSS8.7AI score0.01015EPSS

CVE•added 2019/04/01 4:29 p.m.•30 views

CVE-2019-5889

An log-management directory traversal issue was discovered in OverIT Geocall 6.3 before build 2:346977.

7.5CVSS7.5AI score0.00552EPSS

CVE•added 2019/04/01 4:29 p.m.•26 views

CVE-2019-5888

Multiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 before build 2:346977.

6.1CVSS6.2AI score0.00408EPSS