rauLink Software Domotica Web 2.0 SQL Injection Authentication Bypass

Summary Smart home automation software. Description The application suffers from an SQL Injection vulnerability. Input passed through 'usuario' POST parameter in registraUsuario is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate...