Vulnerabilities > Domoticz > Domoticz > 3.5834
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-31 | CVE-2019-10678 | CRLF Injection vulnerability in Domoticz Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options. | 5.0 |
| 2019-03-31 | CVE-2019-10664 | SQL Injection vulnerability in Domoticz Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer::GetFloorplanImage in WebServer.cpp. | 7.5 |