3 matches found
Ecava IntegraXor web service allows directory traversal outside of web root
Overview Ecava IntegraXor contains a directory traversal vulnerability Description According to Ecava's website: IntegraXor is a suite of tools used to create and run a web-based HMI interface for a Supervisory Control and Data Acquisition SCADA system. Ecava IntegraXor runs a web service that...
ECAVA IntegraXor <= 3.6.4000.0 Directory Traversal Vulnerability - Active Check
ECAVA IntegraXor is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2010-4598
CVE-2010-4598 affects Ecava IntegraXor web-based SCADA UI, with vulnerable versions 3.6.4000.0 and earlier. The issue is a directory traversal in the open request where a crafted file_name parameter with “..” can cause the system to disclose arbitrary files outside the web root. Public records in...