ZDI-17-1000: Ecava IntegraXor Report getdata name SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability.

from ZDI: Published Advisories http://ift.tt/2z5HYSx