Vulnerabilities > Homeseer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-12-15 | CVE-2011-4837 | Cross-Site Request Forgery (CSRF) vulnerability in Homeseer HS2 2.5.0.20 Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitrary programs. | 6.8 |
| 2011-12-15 | CVE-2011-4836 | Cross-Site Scripting vulnerability in Homeseer HS2 2.5.0.20 Cross-site scripting (XSS) vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI. | 4.3 |
| 2011-12-15 | CVE-2011-4835 | Path Traversal vulnerability in Homeseer HS2 2.5.0.20 Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors. | 7.5 |