Vulnerabilities > Domoticz > Domoticz > 3.5877
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-31 | CVE-2019-10678 | CRLF Injection vulnerability in Domoticz Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options. | 7.5 |
2019-03-31 | CVE-2019-10664 | SQL Injection vulnerability in Domoticz Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer::GetFloorplanImage in WebServer.cpp. | 9.8 |