Vulnerabilities (CVE)

Filtered by vendor Ecava Subscribe
Filtered by product Integraxor
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-0246 1 Ecava 1 Integraxor 2024-11-21 9.3 HIGH N/A
Directory traversal vulnerability in an unspecified ActiveX control in Ecava IntegraXor before 3.71.4200 allows remote attackers to execute arbitrary code via vectors involving an HTML document on the server.
CVE-2011-2958 1 Ecava 1 Integraxor 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Ecava IntegraXor before 3.60 (Build 4080) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-1562 1 Ecava 1 Integraxor 2024-11-21 7.5 HIGH N/A
Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote attackers to bypass authentication and execute arbitrary SQL statements via unspecified vectors related to a crafted POST request. NOTE: some sources have reported this issue as SQL injection, but this might not be accurate.
CVE-2010-4599 1 Ecava 1 Integraxor 2024-11-21 6.9 MEDIUM N/A
Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-4598 1 Ecava 1 Integraxor 2024-11-21 5.0 MEDIUM N/A
Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request.
CVE-2010-4597 1 Ecava 1 Integraxor 2024-11-21 10.0 HIGH N/A
Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second argument.