Optergy BMS versions 2.0.3a and below account reset and username disclosure exploit.
>> ARCHIVE: 2019-11
Linear eMerge E3 versions 1.00-06 and below suffer from a privilege escalation vulnerability.
FUDForum version 3.0.9 suffers from remote code execution and stored cross site scripting vulnerabilities.
Prima FlexAir Access Control version 2.3.35 database backup predictable name exploit.
Nortek Linear eMerge E3 suffers from a cross site request forgery vulnerability.
Optergy Proton/Enterprise BMS versions 2.0.3a and below suffer from an add administrator cross site request forgery vulnerability.
Computrols CBAS-Web versions 19.0.0 and below suffer from a username enumeration vulnerability.
Nortek Linear eMerge E3 Access Controller versions 1.00-06 and below SSH/FTP remote root exploit.
Optergy Proton/Enterprise BMS versions 2.3.0a and below suffer from an open redirect vulnerability.
Optergy versions 2.3.0a and below authenticated file upload remote root code execution exploit.