EUVD-2006-5785

Malware in sbrugna...

HomeAutomation 3.3.2 - Cross-Site Request Forgery (Add Admin)

HomeAutomation 3.3.2 - Cross-Site Request Forgery Add Admin Exploit: HomeAutomation 3.3.2 - Cross-Site Request Forgery Add Admin Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on:...

HomeAutomation 3.3.2 - Persistent Cross-Site Scripting

Exploit: HomeAutomation 3.3.2 - Persistent Cross-Site Scripting Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5556 Advisor...

HomeAutomation 3.3.2 CSRF / Code Execution

HomeAutomation v3.3.2 CSRF Remote Command Execution PHP Reverse Shell PoC Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Summary: HomeAutomation is an open-source web interface and scheduling solution. It was initially made for use...

HomeAutomation 3.3.2 - Remote Code Execution Vulnerability

Exploit for php platform in category web applications Exploit: HomeAutomation 3.3.2 - Remote Code Execution Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisor...

HomeAutomation 3.3.2 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit: HomeAutomation 3.3.2 - Cross-Site Request Forgery Add Admin Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos...

HomeAutomation 3.3.2 - Authentication Bypass

HomeAutomation 3.3.2 - Authentication Bypass Exploit: HomeAutomation 3.3.2 - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips...

HomeAutomation 3.3.2 Cross Site Scripting

HomeAutomation v3.3.2 Stored and Reflected XSS Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Summary: HomeAutomation is an open-source web interface and scheduling solution. It was initially made for use with the Telldus TellStick,...

HomeAutomation 3.3.2 - Persistent Cross-Site Scripting

HomeAutomation 3.3.2 - Persistent Cross-Site Scripting Exploit: HomeAutomation 3.3.2 - Persistent Cross-Site Scripting Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos...

HomeAutomation v3.3.2 Stored and Reflected XSS

Summary HomeAutomation is an open-source web interface and scheduling solution. It was initially made for use with the Telldus TellStick, but is now based on a plugin system and except for Tellstick it also comes with support for Crestron, OWFS and Z-Wave using OpenZWave. It controls your devices...

CVE-2006-5801

The owserver module in owfs and owhttpd 2.5p5 and earlier does not properly check the path type, which allows attackers to cause a denial of service application crash related to use of the path in owshell...

CVE-2006-5801

The owserver module in owfs and owhttpd 2.5p5 and earlier does not properly check the path type, which allows attackers to cause a denial of service application crash related to use of the path in owshell...

CVE-2006-5801

The CVE-2006-5801 entry concerns the owserver module used with owfs and owhttpd up to version 2.5p5. The vulnerability arises because the code path does not properly validate the path type, enabling a denial-of-service (application crash) when the path is used in owshell. Impact is limited to ava...