CVE-2017-16735

Name of the Vulnerable Software and Affected Versions Ecava IntegraXor versions 6.1.1030.1 and prior

Description A SQL Injection issue was discovered, which generates an error in the database log. This issue allows for potential information disclosure.

Recommendations For versions 6.1.1030.1 and prior, consider restricting access to the getdata API endpoint until a patch is available. As a temporary workaround, avoid using the name parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.