Overit: >> Geocall Security Vulnerabilities
An issue was discovered in OverIT Geocall before 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XSLT Injection vulnerability. Attackers could exploit this issue to achieve remote code execution.
CVSS Score
8.8
EPSS Score
0.051
Published
2022-03-10
An issue was discovered in OverIT Geocall before version 8.0. An authenticated user who has the Test Trasformazione XSL functionality enabled can exploit a XXE vulnerability to read arbitrary files from the filesystem.
CVSS Score
6.5
EPSS Score
0.022
Published
2022-03-10
Multiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 before build 2:346977.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-04-01
An log-management directory traversal issue was discovered in OverIT Geocall 6.3 before build 2:346977.
CVSS Score
7.5
EPSS Score
0.006
Published
2019-04-01
An issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and session management allows an authenticated user to obtain access to the Administrative control panel and execute administrative functions.
CVSS Score
8.8
EPSS Score
0.01
Published
2019-04-01
An issue was discovered in OverIT Geocall 6.3 before build 2:346977. An unauthenticated servlet allows an attacker to obtain a cookie of an authenticated user, and login to the web application.
CVSS Score
9.8
EPSS Score
0.01
Published
2019-04-01