FUDForum version 3.0.9 suffers from remote code execution and stored cross site scripting vulnerabilities.
>> AUTHOR: deepcore
Prima FlexAir Access Control version 2.3.35 database backup predictable name exploit.
Nortek Linear eMerge E3 suffers from a cross site request forgery vulnerability.
Optergy Proton/Enterprise BMS versions 2.0.3a and below suffer from an add administrator cross site request forgery vulnerability.
Computrols CBAS-Web versions 19.0.0 and below suffer from a username enumeration vulnerability.
Nortek Linear eMerge E3 Access Controller versions 1.00-06 and below SSH/FTP remote root exploit.
Optergy Proton/Enterprise BMS versions 2.3.0a and below suffer from an open redirect vulnerability.
Optergy versions 2.3.0a and below authenticated file upload remote root code execution exploit.
FlexAir Access Control versions 2.3.38 and below remote root command injection exploit.
FlexAir Access Control version 2.3.38 authenticated remote root exploit that leverages command injection via a SetNTPServer request.