Linear eMerge E3 versions 1.00-06 and below unauthenticated command injection remote root exploit that leverages card_scan_decoder.php.
Computrols CBAS-Web versions 19.0.0 and below suffer from a reflective cross site scripting vulnerability.
Optergy BMS versions 2.0.3a and below unauthenticated remote root exploit. Related CVE number: CVE-2019-7276.
Optergy BMS versions 2.0.3a and below account reset and username disclosure exploit.
Linear eMerge E3 versions 1.00-06 and below suffer from a privilege escalation vulnerability.
FUDForum version 3.0.9 suffers from remote code execution and stored cross site scripting vulnerabilities.
Prima FlexAir Access Control version 2.3.35 database backup predictable name exploit.
Nortek Linear eMerge E3 suffers from a cross site request forgery vulnerability.
Optergy Proton/Enterprise BMS versions 2.0.3a and below suffer from an add administrator cross site request forgery vulnerability.
Computrols CBAS-Web versions 19.0.0 and below suffer from a username enumeration vulnerability.