HomeAutomation version 3.3.2 suffers from persistent and reflective cross site scripting vulnerabilities.
MyDomoAtHome (MDAH) REST API Domoticz ISS Gateway 0.2.40 Information Disclosure
MyDomoAtHome REST API is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request to gain access to sensitive information.
FreeBSD mqueuefs Privilege Escalation
Local root exploit for the FreeBSD mqueuefs vulnerability as disclosed in FreeBSD-SA-19:15.mqueuefs.
HomeAutomation 3.3.2 Authentication Bypass
HomeAutomation version 3.3.2 authentication bypass exploit.
FreeBSD fd Privilege Escalation
Local root exploit for the FreeBSD fd vulnerability as disclosed in FreeBSD-SA-19:02.fd.
HomeAutomation 3.3.2 Cross Site Request Forgery
HomeAutomation version 3.3.2 suffers from a cross site request forgery vulnerability.
HomeAutomation 3.3.2 CSRF / Code Execution
HomeAutomation version 3.3.2 suffers from a cross site request forgery vulnerability that allows for remote command execution.
HomeAutomation 3.3.2 Open Redirect
HomeAutomation version 3.3.2 suffers from an open redirection vulnerability.
Thrive Smart Home 1.1 Cross Site Scripting
Thrive Smart Home version 1.1 suffers from a cross site scripting vulnerability.
Thrive Smart Home 1.1 SQL Injection
Thrive Smart Home version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.