Fabio Carretto

2 exploits Active since Mar 2019

CVE-2019-10664 EXPLOITDB CRITICAL python WORKING POC

Domoticz < 4.10578 - SQL Injection

Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer::GetFloorplanImage in WebServer.cpp.

CVSS 9.8

View Code

CVE-2019-10678 EXPLOITDB HIGH python WORKING POC

Domoticz <4.10579 - Info Disclosure

Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options.

CVSS 7.5

View Code