Vulnerabilities > Echor Project

DATE CVE VULNERABILITY TITLE RISK
2018-02-02 CVE-2014-1835 Credentials Management vulnerability in Echor Project Echor 0.1.6
The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table.
local
low complexity
echor-project CWE-255
7.8
2018-02-02 CVE-2014-1834 Command Injection vulnerability in Echor Project Echor 0.1.6
The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password.
local
low complexity
echor-project CWE-77
7.8