Skip to main content

Integraxor

21 CVEs product

Monthly

CVE-2017-16735 MEDIUM This Month

A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Integraxor
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2017-16733 MEDIUM This Month

A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Integraxor
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2017-6050 CRITICAL Act Now

A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE SQLi Integraxor
NVD
CVSS 3.0
9.8
EPSS
1.2%
CVE-2016-8341 CRITICAL Act Now

An issue was discovered in Ecava IntegraXor Version 5.0.413.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Integraxor
NVD
CVSS 3.0
9.8
EPSS
0.3%
CVE-2016-2306 HIGH This Week

The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integraxor
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-2305 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Integraxor
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-2304 MEDIUM This Month

Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integraxor
NVD
CVSS 3.0
4.3
EPSS
0.3%
CVE-2016-2303 MEDIUM This Month

CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Integraxor
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-2302 MEDIUM This Month

Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integraxor
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-2301 MEDIUM This Month

SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Integraxor
NVD
CVSS 3.0
6.3
EPSS
0.1%
CVE-2016-2300 MEDIUM This Month

Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Integraxor
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2016-2299 HIGH This Week

SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Integraxor
NVD
CVSS 3.0
7.3
EPSS
1.3%
CVE-2015-0990 MEDIUM PATCH This Month

Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory. Rated medium severity (CVSS 4.4).

Information Disclosure Integraxor
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2014-2377 MEDIUM This Month

Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Integraxor
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-2376 HIGH PATCH This Week

SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Integraxor
NVD
CVSS 2.0
7.5
EPSS
0.3%
CVE-2014-2375 HIGH PATCH This Week

Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable.

Denial Of Service Integraxor
NVD
CVSS 2.0
8.3
EPSS
0.6%
CVE-2014-0786 HIGH PATCH This Week

Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Integraxor
NVD
CVSS 2.0
7.5
EPSS
1.9%
CVE-2014-0753 HIGH PATCH This Week

Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Stack Overflow Buffer Overflow Denial Of Service Integraxor
NVD
CVSS 2.0
7.8
EPSS
3.1%
CVE-2014-0752 HIGH PATCH This Week

The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Integraxor
NVD
CVSS 2.0
7.5
EPSS
2.6%
CVE-2012-4700 CRITICAL PATCH Act Now

Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 10.8%.

Buffer Overflow RCE Integraxor
NVD
CVSS 2.0
9.3
EPSS
10.8%
CVE-2012-0246 CRITICAL Act Now

Directory traversal vulnerability in an unspecified ActiveX control in Ecava IntegraXor before 3.71.4200 allows remote attackers to execute arbitrary code via vectors involving an HTML document on. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal RCE Integraxor
NVD
CVSS 2.0
9.3
EPSS
0.7%
EPSS 0% CVSS 5.3
MEDIUM This Month

A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Integraxor
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Integraxor
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE SQLi Integraxor
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Ecava IntegraXor Version 5.0.413.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Integraxor
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integraxor
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Integraxor
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integraxor
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Integraxor
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integraxor
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Integraxor
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Integraxor
NVD
EPSS 1% CVSS 7.3
HIGH This Week

SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Integraxor
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory. Rated medium severity (CVSS 4.4).

Information Disclosure Integraxor
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Integraxor
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Integraxor
NVD
EPSS 1% CVSS 8.3
HIGH PATCH This Week

Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable.

Denial Of Service Integraxor
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Integraxor
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Stack Overflow Buffer Overflow Denial Of Service +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Integraxor
NVD
EPSS 11% CVSS 9.3
CRITICAL PATCH Act Now

Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 10.8%.

Buffer Overflow RCE Integraxor
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

Directory traversal vulnerability in an unspecified ActiveX control in Ecava IntegraXor before 3.71.4200 allows remote attackers to execute arbitrary code via vectors involving an HTML document on. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal RCE Integraxor
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy