PT-2017-9622 · Ecava · Ecava Integraxor

Brian Gorenc +1 · Published 2017-02-07 · Updated 2017-03-01 · CVE-2016-8341

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Ecava IntegraXor version 5.0.413.0

Description

The issue is a SQL injection vulnerability in the Ecava IntegraXor web server. Specifically, parameters are not properly sanitized, which could allow an attacker to execute read, write, and delete commands on the host's database. The getdata parameter is mentioned as being vulnerable to SQL injection, potentially leading to remote code execution.

Recommendations

For Ecava IntegraXor version 5.0.413.0, consider restricting access to the getdata parameter in the web server to minimize the risk of exploitation until a patch is available. As a temporary workaround, ensure that all queries are properly sanitized to prevent SQL injection attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2016-8341
ZDI-17-058
ZDI-17-059

Affected Products

Ecava Integraxor