Vulnerabilities > Ecava

DATE CVE VULNERABILITY TITLE RISK
2017-12-20 CVE-2017-16735 SQL Injection vulnerability in Ecava Integraxor
A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior.
network
low complexity
ecava CWE-89
5.0
2017-12-20 CVE-2017-16733 SQL Injection vulnerability in Ecava Integraxor
A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior.
network
low complexity
ecava CWE-89
5.0
2017-06-21 CVE-2017-6050 SQL Injection vulnerability in Ecava Integraxor
A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior.
network
low complexity
ecava CWE-89
7.5
2017-02-13 CVE-2016-8341 SQL Injection vulnerability in Ecava Integraxor 5.0.413.0
An issue was discovered in Ecava IntegraXor Version 5.0.413.0.
network
low complexity
ecava CWE-89
7.5
2016-04-22 CVE-2016-2306 Cryptographic Issues vulnerability in Ecava Integraxor
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network.
network
low complexity
ecava CWE-310
7.8
2016-04-22 CVE-2016-2305 Cross-site Scripting vulnerability in Ecava Integraxor
Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
network
ecava CWE-79
4.3
2016-04-22 CVE-2016-2304 Information Exposure vulnerability in Ecava Integraxor
Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
network
ecava CWE-200
4.3
2016-04-22 CVE-2016-2303 Unspecified vulnerability in Ecava Integraxor
CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
network
low complexity
ecava
5.0
2016-04-22 CVE-2016-2302 Information Exposure vulnerability in Ecava Integraxor
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages.
network
low complexity
ecava CWE-200
5.0
2016-04-22 CVE-2016-2301 SQL Injection vulnerability in Ecava Integraxor
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
ecava CWE-89
6.5