Vulnerabilities > Ecava > Integraxor
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-20 | CVE-2017-16735 | SQL Injection vulnerability in Ecava Integraxor A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. | 5.0 |
| 2017-12-20 | CVE-2017-16733 | SQL Injection vulnerability in Ecava Integraxor A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. | 5.0 |
| 2017-06-21 | CVE-2017-6050 | SQL Injection vulnerability in Ecava Integraxor A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. | 7.5 |
| 2017-02-13 | CVE-2016-8341 | SQL Injection vulnerability in Ecava Integraxor 5.0.413.0 An issue was discovered in Ecava IntegraXor Version 5.0.413.0. | 7.5 |
| 2016-04-22 | CVE-2016-2306 | Cryptographic Issues vulnerability in Ecava Integraxor The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network. | 7.8 |
| 2016-04-22 | CVE-2016-2305 | Cross-site Scripting vulnerability in Ecava Integraxor Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
| 2016-04-22 | CVE-2016-2304 | Information Exposure vulnerability in Ecava Integraxor Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | 4.3 |
| 2016-04-22 | CVE-2016-2303 | Unspecified vulnerability in Ecava Integraxor CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. | 5.0 |
| 2016-04-22 | CVE-2016-2302 | Information Exposure vulnerability in Ecava Integraxor Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages. | 5.0 |
| 2016-04-22 | CVE-2016-2301 | SQL Injection vulnerability in Ecava Integraxor SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |