CVE-2016-2299 Information
Feb 14, 2021
cve
Description
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Reference
http://www.zerodayinitiative.com/advisories/ZDI-16-236 http://www.zerodayinitiative.com/advisories/ZDI-16-237 http://www.zerodayinitiative.com/advisories/ZDI-16-238 http://www.zerodayinitiative.com/advisories/ZDI-16-239 http://www.zerodayinitiative.com/advisories/ZDI-16-240 https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
LOW
Base Severity
7.3
Share on: