QwikSec

Security Database

CVE

CWE

Training

CVE-2011-1562

Published: Apr 5, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote attackers to bypass authentication and execute arbitrary SQL statements via unspecified vectors related to a crafted POST request. NOTE: some sources have reported this issue as SQL injection, but this might not be accurate.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

http://www.us-cert.gov/control_systems/pdf/ICSA-11-082-01.pdf

x_refsource_MISC

http://www.integraxor.com/blog/security-issue-20101222-0700-vulnerability-note

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

http://twitter.com/#%21/djrbliss/status/50685527749431296

x_refsource_MISC

integraxor-unspecified-sql-injection(66306)

vdb-entry

x_refsource_XF

http://www.integraxor.com/blog/security-issue-sql-unauthenticated-vulnerability-note

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.