2 matches found
CVE-2020-21989
HomeAutomation 3.3.2 is affected by Cross Site Request Forgery CSRF. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges i...
123 Flash Chat 5.0 - Remote Code Injection
123 Flash Chat 5.0 - Remote Code Injection source: https://www.securityfocus.com/bid/16360/info 123 Flash Chat is prone to an arbitrary code injection weakness. An attacker can influence the value of a variable that is insecurely passed to an 'eval' call. Successful exploitation may allow attacke...