Filtered by vendor Ecava
Subscriptions
Filtered by product Integraxor
Subscriptions
Total
26 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-4700 | 1 Ecava | 1 Integraxor | 2024-09-16 | N/A |
Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document. | ||||
CVE-2010-4597 | 1 Ecava | 1 Integraxor | 2024-08-07 | N/A |
Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second argument. | ||||
CVE-2010-4598 | 1 Ecava | 1 Integraxor | 2024-08-07 | N/A |
Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request. | ||||
CVE-2010-4599 | 1 Ecava | 1 Integraxor | 2024-08-07 | N/A |
Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2011-2958 | 1 Ecava | 1 Integraxor | 2024-08-06 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Ecava IntegraXor before 3.60 (Build 4080) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2011-1562 | 1 Ecava | 1 Integraxor | 2024-08-06 | N/A |
Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote attackers to bypass authentication and execute arbitrary SQL statements via unspecified vectors related to a crafted POST request. NOTE: some sources have reported this issue as SQL injection, but this might not be accurate. | ||||
CVE-2012-0246 | 1 Ecava | 1 Integraxor | 2024-08-06 | N/A |
Directory traversal vulnerability in an unspecified ActiveX control in Ecava IntegraXor before 3.71.4200 allows remote attackers to execute arbitrary code via vectors involving an HTML document on the server. | ||||
CVE-2014-2375 | 1 Ecava | 1 Integraxor | 2024-08-06 | N/A |
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature. | ||||
CVE-2014-2377 | 1 Ecava | 1 Integraxor | 2024-08-06 | N/A |
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag. | ||||
CVE-2014-2376 | 1 Ecava | 1 Integraxor | 2024-08-06 | N/A |
SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2014-0753 | 1 Ecava | 1 Integraxor | 2024-08-06 | N/A |
Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the IntegraXor directory. | ||||
CVE-2014-0786 | 1 Ecava | 1 Integraxor | 2024-08-06 | N/A |
Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role. | ||||
CVE-2014-0752 | 1 Ecava | 1 Integraxor | 2024-08-06 | N/A |
The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL. | ||||
CVE-2015-0990 | 1 Ecava | 1 Integraxor | 2024-08-06 | N/A |
Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory. | ||||
CVE-2016-8341 | 1 Ecava | 1 Integraxor | 2024-08-06 | N/A |
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands. | ||||
CVE-2016-2300 | 1 Ecava | 1 Integraxor | 2024-08-05 | N/A |
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors. | ||||
CVE-2016-2305 | 1 Ecava | 1 Integraxor | 2024-08-05 | N/A |
Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
CVE-2016-2302 | 1 Ecava | 1 Integraxor | 2024-08-05 | N/A |
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages. | ||||
CVE-2016-2299 | 1 Ecava | 1 Integraxor | 2024-08-05 | N/A |
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2016-2303 | 1 Ecava | 1 Integraxor | 2024-08-05 | N/A |
CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. |