Search
Total
14 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-1562 | 1 Ecava | 1 Integraxor | 2018-08-13 | 7.5 HIGH | N/A |
| Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote attackers to bypass authentication and execute arbitrary SQL statements via unspecified vectors related to a crafted POST request. NOTE: some sources have reported this issue as SQL injection, but this might not be accurate. | |||||
| CVE-2012-0246 | 1 Ecava | 1 Integraxor | 2018-01-06 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in an unspecified ActiveX control in Ecava IntegraXor before 3.71.4200 allows remote attackers to execute arbitrary code via vectors involving an HTML document on the server. | |||||
| CVE-2011-2958 | 1 Ecava | 1 Integraxor | 2017-08-29 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ecava IntegraXor before 3.60 (Build 4080) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-0753 | 1 Ecava | 1 Integraxor | 2015-08-21 | 7.8 HIGH | N/A |
| Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the IntegraXor directory. | |||||
| CVE-2015-0990 | 1 Ecava | 1 Integraxor | 2015-04-03 | 4.4 MEDIUM | N/A |
| Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory. | |||||
| CVE-2014-2375 | 1 Ecava | 1 Integraxor | 2014-09-16 | 9.0 HIGH | N/A |
| Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature. | |||||
| CVE-2014-2376 | 1 Ecava | 1 Integraxor | 2014-09-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-2377 | 1 Ecava | 1 Integraxor | 2014-09-16 | 5.0 MEDIUM | N/A |
| Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag. | |||||
| CVE-2014-0786 | 1 Ecava | 1 Integraxor | 2014-05-01 | 5.0 MEDIUM | N/A |
| Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role. | |||||
| CVE-2014-0752 | 1 Ecava | 1 Integraxor | 2014-01-10 | 5.0 MEDIUM | N/A |
| The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL. | |||||
| CVE-2012-4700 | 1 Ecava | 1 Integraxor | 2013-02-08 | 9.3 HIGH | N/A |
| Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document. | |||||
| CVE-2010-4598 | 1 Ecava | 1 Integraxor | 2011-01-14 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request. | |||||
| CVE-2010-4597 | 1 Ecava | 1 Integraxor | 2011-01-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second argument. | |||||
| CVE-2010-4599 | 1 Ecava | 1 Integraxor | 2011-01-11 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||