HomeAutomation version 3.3.2 suffers from persistent and reflective cross site scripting vulnerabilities.
>> ARCHIVE: 2019-12
MyDomoAtHome REST API is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request to gain…
Local root exploit for the FreeBSD mqueuefs vulnerability as disclosed in FreeBSD-SA-19:15.mqueuefs.
HomeAutomation version 3.3.2 authentication bypass exploit.
Local root exploit for the FreeBSD fd vulnerability as disclosed in FreeBSD-SA-19:02.fd.
HomeAutomation version 3.3.2 suffers from a cross site request forgery vulnerability.
HomeAutomation version 3.3.2 suffers from a cross site request forgery vulnerability that allows for remote command execution.
HomeAutomation version 3.3.2 suffers from an open redirection vulnerability.
Thrive Smart Home version 1.1 suffers from a cross site scripting vulnerability.
Thrive Smart Home version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.