CVE-2021-47795 - CERT CVE

  1. CVE-2021-47795

ID CVE-2021-47795
Sažetak GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploit the WebStrings.srf endpoint by manipulating path traversal and injection parameters to access system files and execute malicious scripts.
Reference
CVSS
Base: 6.2
Impact: 3.6
Exploitability:2.5
Pristup
VektorSloženostAutentikacija
LOCAL LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH NONE NONE
CVSS vektor CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Zadnje važnije ažuriranje 16-01-2026 - 00:16
Objavljeno 16-01-2026 - 00:16