ecava

Top products

The 15 most recently published vulnerabilities affecting ecava.

• CVE-2017-16735A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which generates an error in the database log.5.3Dec 20, 2017
• CVE-2017-16733A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which an attacker can leverage to disclose sensitive informatio...5.3Dec 20, 2017
• CVE-2017-6050A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to rem...9.8Jun 21, 2017
• CVE-2016-8341An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's data...9.8Feb 13, 2017
• CVE-2016-2306The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network.7.5Apr 22, 2016
• CVE-2016-2305Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.6.1Apr 22, 2016
• CVE-2016-2304Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive i...4.3Apr 22, 2016
• CVE-2016-2303CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.5.3Apr 22, 2016
• CVE-2016-2302Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages.5.3Apr 22, 2016
• CVE-2016-2301SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.6.3Apr 22, 2016
• CVE-2016-2300Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors.6.5Apr 22, 2016
• CVE-2016-2299SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.7.3Apr 22, 2016
• CVE-2015-0990Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory.4.4Apr 3, 2015
• CVE-2014-2377Ecava IntegraXor SCADA Server Information Exposure Through Environmental Variables5.0Sep 15, 2014
• CVE-2014-2376Ecava IntegraXor SCADA Server SQL Injection7.5Sep 15, 2014