CVE-2016-8341
published 2017-02-13CVE-2016-8341: An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the…
PriorityP355critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
1.65%
73.5th percentile
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ecava | integraxor | — | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gfgq-2r7j-vp6q: An issue was discovered in Ecava IntegraXor Version 5
ghsa_unreviewed·2022-05-17
CVE-2016-8341 [CRITICAL] CWE-89 GHSA-gfgq-2r7j-vp6q: An issue was discovered in Ecava IntegraXor Version 5
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands.
CISA ICS
Ecava IntegraXor
cisa_ics·2017-02-14
Ecava IntegraXor
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Ecava IntegraXor
Last RevisedFebruary 14, 2017
Alert CodeICSA-17-031-02
## CVSS v3 7.3
ATTENTION: Remotely Exploitable/low skill level to exploit
Vendor: Ecava
Equipment: IntegraXor
Vulnerability: SQL Injection
## AFFECTED PRODUCTS
The following IntegraXor version is affected:
- IntegraXor Version 5.0.413.0
## IMPACT
A successful exploit of this vulnerability could lead to arbitrary data leakage, data manipulation, and remote code execution.
## MITIGATION
Ecava provides software update V5.2.722.2 for IntegraXor, which fixes this vulnerability and recommends users updat
No detection rules found.
No public exploits indexed.
2017-02-13
Published