Описание
GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploit the WebStrings.srf endpoint by manipulating path traversal and injection parameters to access system files and execute malicious scripts.
EPSS
Процентиль: 31%
0.00115
Низкий
6.2 Medium
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 6.2
github
23 дня назад
GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploit the WebStrings.srf endpoint by manipulating path traversal and injection parameters to access system files and execute malicious scripts.
EPSS
Процентиль: 31%
0.00115
Низкий
6.2 Medium
CVSS3
Дефекты
CWE-22