Vulnerabilities > Domoticz

DATE CVE VULNERABILITY TITLE RISK
2021-04-29 CVE-2020-21990 Incorrect Authorization vulnerability in Domoticz Mydomoathome 0.240
Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0.2.40 is affected by an information disclosure vulnerability due to improper access control enforcement.
network
low complexity
domoticz CWE-863
7.5
2019-08-23 CVE-2019-15480 Cross-site Scripting vulnerability in Domoticz 4.10717
Domoticz 4.10717 has XSS via item.Name.
network
low complexity
domoticz CWE-79
5.4
2019-03-31 CVE-2019-10678 CRLF Injection vulnerability in Domoticz
Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options.
network
low complexity
domoticz CWE-93
7.5
2019-03-31 CVE-2019-10664 SQL Injection vulnerability in Domoticz
Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer::GetFloorplanImage in WebServer.cpp.
network
low complexity
domoticz CWE-89
critical
9.8