6 matches found
CVE-2026-1001 Domoticz < 2026.1 Stored XSS via Hardware Configuration Endpoint
Domoticz versions prior to 2026.1 contain a stored cross-site scripting vulnerability in the Add Hardware and rename device functionality of the web interface that allows authenticated administrators to execute arbitrary scripts by supplying crafted names containing script or HTML markup. Attacke...
PT-2026-28077
Domoticz versions prior to 2026.1 contain a stored cross-site scripting vulnerability in the Add Hardware and rename device functionality of the web interface that allows authenticated administrators to execute arbitrary scripts by supplying crafted names containing script or HTML markup. Attacke...
Domoticz 跨站脚本漏洞
Domoticz is an open-source smart home system developed by the Domoticz company. This system supports the monitoring and control of various smart home devices. Versions of Domoticz prior to 2026.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the Web interface’s...
EUVD-2019-6478
Malware in sbrugna...
Domoticz SQL Injection Vulnerability
Domoticz is an open source smart home system. The system supports monitoring and controlling a wide range of smart home devices. A SQL injection vulnerability exists in Domoticz versions prior to 4.10578, which stems from a lack of validation of externally entered SQL statements in database-based...
CVE-2019-10664
Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer::GetFloorplanImage in WebServer.cpp...