ecava 漏洞与 CVE 列表(26)

产品(CPE): — CVE 数: 26

ecava 漏洞概览

汇总 ecava 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。

历史漏洞主要涉及 路径处理缺陷与缓冲区溢出 等问题,部分漏洞可能导致 内存损坏,并影响 生产负载与软件部署 相关场景。

相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。

漏洞分布趋势(近 24 个月)

显示 12026 CVE 数
«« 第一页 « 上一页 第 1 / 2 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2017-16735 A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which generates an error in the database log. [email protected] 5.3 1.02% 2017-12-20 2026-06-16
CVE-2017-16733 A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which an attacker can leverage to disclose sensitive information from the database. [email protected] 5.3 0.92% 2017-12-20 2026-06-16
CVE-2017-6050 A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries. [email protected] 9.8 3.54% 2017-06-21 2026-06-16
CVE-2016-8341 An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands. [email protected] 9.8 1.65% 2017-02-13 2026-06-16
CVE-2016-2306 The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network. [email protected] 7.5 1.85% 2016-04-21 2026-06-16
CVE-2016-2305 Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. [email protected] 6.1 0.91% 2016-04-21 2026-06-16
CVE-2016-2304 Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. [email protected] 4.3 1.06% 2016-04-21 2026-06-16
CVE-2016-2303 CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. [email protected] 5.3 1.05% 2016-04-21 2026-06-16
CVE-2016-2302 Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages. [email protected] 5.3 1.18% 2016-04-21 2026-06-16
CVE-2016-2301 SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. [email protected] 6.3 0.80% 2016-04-21 2026-06-16
CVE-2016-2300 Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors. [email protected] 6.5 1.17% 2016-04-21 2026-06-16
CVE-2016-2299 SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. [email protected] 7.3 1.43% 2016-04-21 2026-06-16
CVE-2015-0990 Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory. [email protected] 4.4 0.36% 2015-04-03 2026-06-16
CVE-2014-2377 Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag. [email protected] 5.0 1.84% 2014-09-15 2026-06-16
CVE-2014-2376 SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. [email protected] 7.5 2.04% 2014-09-15 2026-06-16
CVE-2014-2375 Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature. [email protected] 8.3 2.31% 2014-09-15 2026-06-16
CVE-2014-0786 Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role. [email protected] 7.5 2.65% 2014-04-30 2026-06-16
CVE-2014-0753 Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the IntegraXor directory. [email protected] 7.8 2.52% 2014-01-20 2026-06-16
CVE-2014-0752 The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL. [email protected] 7.5 1.63% 2014-01-09 2026-06-16
CVE-2012-4700 Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document. [email protected] 9.3 3.77% 2013-02-08 2026-06-16
«« 第一页 « 上一页 第 1 / 2 页 下一页 »
cvelogic Threat Intelligence