Vulnerabilities > Ecava > Medium

DATE CVE VULNERABILITY TITLE RISK
2014-05-01 CVE-2014-0786 Cryptographic Issues vulnerability in Ecava Integraxor
Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role.
network
low complexity
ecava CWE-310
5.0
2014-01-09 CVE-2014-0752 Permissions, Privileges, and Access Controls vulnerability in Ecava Integraxor
The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL.
network
low complexity
ecava CWE-264
5.0
2011-07-28 CVE-2011-2958 Cross-Site Scripting vulnerability in Ecava Integraxor
Multiple cross-site scripting (XSS) vulnerabilities in Ecava IntegraXor before 3.60 (Build 4080) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
ecava CWE-79
4.3
2010-12-23 CVE-2010-4599 DLL Loading Arbitrary Code Execution vulnerability in Ecava Integraxor 3.6.4000.0
Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory.
local
ecava
6.9
2010-12-23 CVE-2010-4598 Path Traversal vulnerability in Ecava Integraxor 3.5.3900.10/3.5.3900.5/3.6.4000.0
Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a ..
network
low complexity
ecava CWE-22
5.0