Lucene search
K

225 matches found

Cvelist
Cvelist
added 2017/12/20 7:0 p.m.21 views

CVE-2017-16735

A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which generates an error in the database log...

5.8AI score0.01017EPSS
Exploits0References1
CVE
CVE
added 2017/12/20 7:0 p.m.49 views

CVE-2017-16735

CVE-2017-16735 is an SQL Injection vulnerability in Ecava IntegraXor (v6.1.1030.1 and prior). The flaw arises from improper handling/validation of user-supplied input in SQL commands (notably the getdata page name parameter), enabling disclosure of database information and generation of database ...

5.3CVSS5.8AI score0.01017EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/12/20 7:0 p.m.62 views

CVE-2017-16733

CVE-2017-16733 affects Ecava IntegraXor (v6.1.1030.1 and earlier). The vulnerability is an SQL Injection in the web interface that can disclose sensitive database information; the batchlist report parsing flaw is a specific instance described by ZDI. Exploitation is shown as remote and unauthenti...

5.3CVSS5.5AI score0.00919EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2017/12/20 12:0 a.m.27 views

Ecava IntegraXor Report batchlist SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the batchlist report page. When parsing the 'to' parameter, the process does...

5CVSS2.7AI score0.00919EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/12/20 12:0 a.m.28 views

Ecava IntegraXor Report getdata name SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the name parameter provided to the getdata page. The issue...

5CVSS0.5AI score0.01017EPSS
Exploits0References1
ICS
ICS
added 2017/12/19 12:0 a.m.63 views

Ecava IntegraXor

CVSS v3 5.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Ecava Equipment: IntegraXor Vulnerabilities: SQL Injection AFFECTED PRODUCTS The following version of IntegraXor, a web SCADA/HMI solution, is affected: Ecava IntegraXor v 6.1.1030.1 and prior. IMPACT Successful...

5.3CVSS6.1AI score0.01017EPSS
Exploits0References3
Prion
Prion
added 2017/06/21 7:29 p.m.16 views

Sql injection

A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries...

7.5CVSS9.9AI score0.03536EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/06/21 7:29 p.m.2 views

CVE-2017-6050

A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries...

9.8CVSS6.1AI score0.03536EPSS
Exploits0References3
NVD
NVD
added 2017/06/21 7:29 p.m.17 views

CVE-2017-6050

A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries...

9.8CVSS9.9AI score0.03536EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/06/21 7:0 p.m.22 views

CVE-2017-6050

A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries...

9.9AI score0.03536EPSS
Exploits0References3
CVE
CVE
added 2017/06/21 7:0 p.m.60 views

CVE-2017-6050

Ecava IntegraXor is affected by CVE-2017-6050 due to improper input validation that enables an unauthenticated attacker to remotely execute arbitrary SQL queries. Affected products include IntegraXor versions 5.2.1231.0 and prior. The vulnerability is categorized as SQL Injection (CWE-89). ICS-CE...

9.8CVSS9.8AI score0.03536EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2017/06/21 12:0 a.m.18 views

ECAVA IntegraXor <= 5.2.1231.0 SQLi Vulnerability

ECAVA IntegraXor is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ecava:integraxor...

9.8CVSS10AI score0.03536EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/21 12:0 a.m.5 views

Ecava IntegraXor SQL Injection Vulnerability

Ecava IntegraXor is a toolset for creating and running human-machine interfaces for Web-based SCADA systems. Ecava IntegraXor suffers from a SQL injection vulnerability that could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...

9.8CVSS8.1AI score0.03536EPSS
Exploits0References1
ICS
ICS
added 2017/06/20 12:0 a.m.42 views

Ecava IntegraXor

CVSS v3 7.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Ecava Equipment: IntegraXor Vulnerability: SQL Injection AFFECTED PRODUCTS The following versions of IntegraXor, a web SCADA/HMI solution, are affected: IntegraXor Versions 5.2.1231.0 and prior. IMPACT Successful...

9.8CVSS10AI score0.03536EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/02/22 12:0 a.m.14 views

Ecava IntegraXor 5.0.413.0 getdata Requests Handling Multiple SQLi

Binary data scadaappecavaintegraxor527222.nbin...

9.8CVSS9.8AI score0.01645EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2017/02/17 12:0 a.m.15 views

ECAVA IntegraXor <= 5.0.413.0 SQLi Vulnerability

ECAVA IntegraXor is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ecava:integraxor...

9.8CVSS9.9AI score0.01645EPSS
Exploits0References2
Prion
Prion
added 2017/02/13 9:59 p.m.13 views

Sql injection

An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands...

7.5CVSS8AI score0.01645EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/02/13 9:59 p.m.4 views

CVE-2016-8341

An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands...

9.8CVSS5.8AI score0.01645EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2017/02/13 9:59 p.m.1 views

CVE-2016-8341

An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands...

9.8CVSS5.9AI score0.01645EPSS
Exploits0References3
NVD
NVD
added 2017/02/13 9:59 p.m.16 views

CVE-2016-8341

An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands...

9.8CVSS9.8AI score0.01645EPSS
Exploits0References2
Rows per page
Query Builder