Ecava Integraxor vulnerabilities
26 known vulnerabilities affecting ecava/integraxor.
Total CVEs
26
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL6HIGH5MEDIUM15
Vulnerabilities
Page 2 of 2
CVE-2016-2305P4MEDIUMCVSS 6.1≤ 4.2.45022016-04-22
CVE-2016-2305 [MEDIUM] CWE-79 CVE-2016-2305: Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote att
Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
nvd
CVE-2016-2302P4MEDIUMCVSS 5.3≤ 4.2.45022016-04-22
CVE-2016-2302 [MEDIUM] CWE-200 CVE-2016-2302: Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by re
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages.
nvd
CVE-2010-4599P4MEDIUMCVSS 6.9v3.6.4000.02010-12-23
CVE-2010-4599 [MEDIUM] CVE-2010-4599: Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privil
Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
nvd
CVE-2011-2958P4MEDIUMCVSS 4.3≤ 3.60.4061v3.5.3900.5+3 more2011-07-28
CVE-2011-2958 [MEDIUM] CWE-79 CVE-2011-2958: Multiple cross-site scripting (XSS) vulnerabilities in Ecava IntegraXor before 3.60 (Build 4080) all
Multiple cross-site scripting (XSS) vulnerabilities in Ecava IntegraXor before 3.60 (Build 4080) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2016-2304P4MEDIUMCVSS 4.3≤ 4.2.45022016-04-22
CVE-2016-2304 [MEDIUM] CWE-200 CVE-2016-2304: Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for
Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
nvd
CVE-2015-0990P4MEDIUMCVSS 4.4≤ 4.1.44502015-04-03
CVE-2015-0990 [MEDIUM] CVE-2015-0990: Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local us
Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory.
nvd
← Previous2 / 2