Shodan
Vulnerabilities
Vulnerable Software
Ecava:  >> Integraxor  >> 3.72  Security Vulnerabilities
CVE-2017-16733
A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which an attacker can leverage to disclose sensitive information from the database.
CVSS Score
5.3
EPSS Score
0.002
Published
2017-12-20
CVE-2017-16735
A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which generates an error in the database log.
CVSS Score
5.3
EPSS Score
0.002
Published
2017-12-20
CVE-2017-6050
A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries.
CVSS Score
9.8
EPSS Score
0.013
Published
2017-06-21
CVE-2016-2306
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network.
CVSS Score
7.5
EPSS Score
0.004
Published
2016-04-22
CVE-2016-2305
Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVSS Score
6.1
EPSS Score
0.002
Published
2016-04-22
CVE-2016-2304
Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
CVSS Score
4.3
EPSS Score
0.002
Published
2016-04-22
CVE-2016-2303
CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
CVSS Score
5.3
EPSS Score
0.003
Published
2016-04-22
CVE-2016-2302
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages.
CVSS Score
5.3
EPSS Score
0.003
Published
2016-04-22
CVE-2016-2301
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
6.3
EPSS Score
0.001
Published
2016-04-22
CVE-2016-2300
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors.
CVSS Score
6.5
EPSS Score
0.002
Published
2016-04-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved