225 matches found
CVE-2017-16735
A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which generates an error in the database log...
CVE-2017-16735
CVE-2017-16735 is an SQL Injection vulnerability in Ecava IntegraXor (v6.1.1030.1 and prior). The flaw arises from improper handling/validation of user-supplied input in SQL commands (notably the getdata page name parameter), enabling disclosure of database information and generation of database ...
CVE-2017-16733
CVE-2017-16733 affects Ecava IntegraXor (v6.1.1030.1 and earlier). The vulnerability is an SQL Injection in the web interface that can disclose sensitive database information; the batchlist report parsing flaw is a specific instance described by ZDI. Exploitation is shown as remote and unauthenti...
Ecava IntegraXor Report batchlist SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the batchlist report page. When parsing the 'to' parameter, the process does...
Ecava IntegraXor Report getdata name SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the name parameter provided to the getdata page. The issue...
Ecava IntegraXor
CVSS v3 5.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Ecava Equipment: IntegraXor Vulnerabilities: SQL Injection AFFECTED PRODUCTS The following version of IntegraXor, a web SCADA/HMI solution, is affected: Ecava IntegraXor v 6.1.1030.1 and prior. IMPACT Successful...
Sql injection
A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries...
CVE-2017-6050
A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries...
CVE-2017-6050
A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries...
CVE-2017-6050
A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries...
CVE-2017-6050
Ecava IntegraXor is affected by CVE-2017-6050 due to improper input validation that enables an unauthenticated attacker to remotely execute arbitrary SQL queries. Affected products include IntegraXor versions 5.2.1231.0 and prior. The vulnerability is categorized as SQL Injection (CWE-89). ICS-CE...
ECAVA IntegraXor <= 5.2.1231.0 SQLi Vulnerability
ECAVA IntegraXor is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ecava:integraxor...
Ecava IntegraXor SQL Injection Vulnerability
Ecava IntegraXor is a toolset for creating and running human-machine interfaces for Web-based SCADA systems. Ecava IntegraXor suffers from a SQL injection vulnerability that could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...
Ecava IntegraXor
CVSS v3 7.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Ecava Equipment: IntegraXor Vulnerability: SQL Injection AFFECTED PRODUCTS The following versions of IntegraXor, a web SCADA/HMI solution, are affected: IntegraXor Versions 5.2.1231.0 and prior. IMPACT Successful...
Ecava IntegraXor 5.0.413.0 getdata Requests Handling Multiple SQLi
Binary data scadaappecavaintegraxor527222.nbin...
ECAVA IntegraXor <= 5.0.413.0 SQLi Vulnerability
ECAVA IntegraXor is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ecava:integraxor...
Sql injection
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands...
CVE-2016-8341
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands...
CVE-2016-8341
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands...
CVE-2016-8341
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands...