cbcvebase.

Ecava Integraxor vulnerabilities

26 known vulnerabilities affecting ecava/integraxor.

Total CVEs
26
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL6HIGH5MEDIUM15

Vulnerabilities

Page 2 of 2
CVE-2016-2305P4MEDIUMCVSS 6.1≤ 4.2.45022016-04-22
CVE-2016-2305 [MEDIUM] CWE-79 CVE-2016-2305: Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote att Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
nvd
CVE-2016-2302P4MEDIUMCVSS 5.3≤ 4.2.45022016-04-22
CVE-2016-2302 [MEDIUM] CWE-200 CVE-2016-2302: Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by re Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages.
nvd
CVE-2010-4599P4MEDIUMCVSS 6.9v3.6.4000.02010-12-23
CVE-2010-4599 [MEDIUM] CVE-2010-4599: Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privil Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
nvd
CVE-2011-2958P4MEDIUMCVSS 4.3≤ 3.60.4061v3.5.3900.5+3 more2011-07-28
CVE-2011-2958 [MEDIUM] CWE-79 CVE-2011-2958: Multiple cross-site scripting (XSS) vulnerabilities in Ecava IntegraXor before 3.60 (Build 4080) all Multiple cross-site scripting (XSS) vulnerabilities in Ecava IntegraXor before 3.60 (Build 4080) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2016-2304P4MEDIUMCVSS 4.3≤ 4.2.45022016-04-22
CVE-2016-2304 [MEDIUM] CWE-200 CVE-2016-2304: Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
nvd
CVE-2015-0990P4MEDIUMCVSS 4.4≤ 4.1.44502015-04-03
CVE-2015-0990 [MEDIUM] CVE-2015-0990: Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local us Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory.
nvd
Ecava Integraxor vulnerabilities | cvebase