Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Ecava IntegraXor < 3.60.4050 Unspecified SQL Injection

Critical

Synopsis

A vulnerable version of Ecava IntegraXor has been detected.

Description

Ecava IntegraXor versions prior to 3.60.4050 contain an unspecified SQL injection vulnerability. This vulnerability can be exploited by an unauthenticated remote attacker sending specially crafted HTTP POST requests to the IntegraXor server. This can lead to data leakage, data manipulation, and remote code execution against the backend host running the database service.

Solution

Upgrade to IntegraXor version 3.60.4050 or later.