Vulnerabilities > Domoticz > Domoticz > 3.5877

DATE CVE VULNERABILITY TITLE RISK
2019-03-31 CVE-2019-10678 CRLF Injection vulnerability in Domoticz
Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options.
network
low complexity
domoticz CWE-93
7.5
7.5
2019-03-31 CVE-2019-10664 SQL Injection vulnerability in Domoticz
Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer::GetFloorplanImage in WebServer.cpp.
network
low complexity
domoticz CWE-89
critical
 9.8
9.8