Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Ecava Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-16735 1 Ecava 1 Integraxor 2018-01-04 5.0 MEDIUM 5.3 MEDIUM
A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which generates an error in the database log.
CVE-2017-16733 1 Ecava 1 Integraxor 2018-01-04 5.0 MEDIUM 5.3 MEDIUM
A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which an attacker can leverage to disclose sensitive information from the database.
CVE-2016-2304 1 Ecava 1 Integraxor 2016-04-28 4.3 MEDIUM 4.3 MEDIUM
Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
CVE-2016-2305 1 Ecava 1 Integraxor 2016-04-27 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2016-2303 1 Ecava 1 Integraxor 2016-04-27 5.0 MEDIUM 5.3 MEDIUM
CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
CVE-2016-2300 1 Ecava 1 Integraxor 2016-04-27 6.4 MEDIUM 6.5 MEDIUM
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors.
CVE-2016-2302 1 Ecava 1 Integraxor 2016-04-27 5.0 MEDIUM 5.3 MEDIUM
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages.
CVE-2016-2301 1 Ecava 1 Integraxor 2016-04-27 6.5 MEDIUM 6.3 MEDIUM
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.