1103 matches found
Lyrion Music Server 9.2.0 (search.*) Multiple Script Insertions
Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...
Lyrion Music Server 9.2.0 Path Traversal File Read
Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...
Lyrion Music Server 9.2.0 (metadata) Stored XSS
Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...
Lyrion Music Server 9.2.0 (server.log) Unauthenticated Reflected XSS
Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...
Lyrion Music Server 9.2.0 (server.log) Unauthenticated Stored XSS
Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...
Lyrion Music Server 9.2.0 Arbitrary Directory Listing
Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...
Lightweight Music Server (LMS) 3.76.0 (metadata) Stored XSS
Summary LMS Lightweight Music Server: A specific C++ based project focused on a low memory footprint, featuring built-in user management and a recommendation engine. Description LMS stores media file metadata tags such as GENRE, ARTIST, and ALBUM exactly as written in the file and later renders...
Pachno 1.0.6 (runSwitchUser()) Remote Vertical Privilege Escalation
Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...
Pachno 1.0.6 Wiki TextParser XXE Vulnerability
Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...
Pachno 1.0.6 Cross-Site Request Forgery
Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...
Pachno 1.0.6 FileCache Deserialization Remote Code Execution
Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...
Pachno 1.0.6 (return_to) Open Redirection
Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...
Pachno 1.0.6 Stored Cross-Site Scripting
Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...
Pachno 1.0.6 (uploadfile) Unrestricted File Upload Remote Code Execution
Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...
Honeywell Trend IQ4xx BMS Controller Unauthenticated Remote Web-HMI Control And Lockout
Summary The Honeywell IQ4 Trend IQ4 is a line of intelligent building-management controllers designed to provide advanced unitary control, HVAC integration, and scalable I/O expansion for commercial environments. These controllers use Ethernet and TCP/IP networking with embedded XML, support BACn...
Tattile Cameras 1.181.5 Use of Default Credentials
Summary Tattile is an Italian manufacturer specializing in advanced ANPR/ALPR, trafficβenforcement, and machineβvision camera systems used across intelligent transportation networks, tolling infrastructures, accessβcontrol environments, and industrial automation. Their portfolio includes...
Tattile Cameras 1.181.5 Insufficient Token (X-User-Token) Expiration
Summary Tattile is an Italian manufacturer specializing in advanced ANPR/ALPR, trafficβenforcement, and machineβvision camera systems used across intelligent transportation networks, tolling infrastructures, accessβcontrol environments, and industrial automation. Their portfolio includes...
Tattile Cameras 1.181.5 Unauthenticated RTSP Stream Disclosure
Summary Tattile is an Italian manufacturer specializing in advanced ANPR/ALPR, trafficβenforcement, and machineβvision camera systems used across intelligent transportation networks, tolling infrastructures, accessβcontrol environments, and industrial automation. Their portfolio includes...
eNet SMART HOME server 2.3.1 (resetUserPassword) Account Takeover
Summary Two German specialists in building systems technology are jointly bringing a new, wireless-based smart home system to the market. Gira and JUNG are the companies behind the eNet SMART HOME brand with our subsidiary, INSTA, responsible for developing the system. All three of us are old han...
eNet SMART HOME server 2.3.1 Use of Default Credentials
Summary Two German specialists in building systems technology are jointly bringing a new, wireless-based smart home system to the market. Gira and JUNG are the companies behind the eNet SMART HOME brand with our subsidiary, INSTA, responsible for developing the system. All three of us are old han...
eNet SMART HOME server 2.3.1 (deleteUserAccount) Arbitrary User Deletion
Summary Two German specialists in building systems technology are jointly bringing a new, wireless-based smart home system to the market. Gira and JUNG are the companies behind the eNet SMART HOME brand with our subsidiary, INSTA, responsible for developing the system. All three of us are old han...
eNet SMART HOME server 2.3.1 (setUserGroup) Remote Privilege Escalation
Summary Two German specialists in building systems technology are jointly bringing a new, wireless-based smart home system to the market. Gira and JUNG are the companies behind the eNet SMART HOME brand with our subsidiary, INSTA, responsible for developing the system. All three of us are old han...
JUNG Smart Visu Server 1.1.1050 Remote Server Shutdown
Summary The Smart Visu Server makes your intelligent building control convenient. With the user-friendly operating concept, you can control both the KNX system and other systems such as Philips Hue or Sonos on your mobile devices. You can likewise connect voice control to your KNX system with...
JUNG Smart Visu Server 1.1.1050 Request URL Override
Summary The Smart Visu Server makes your intelligent building control convenient. With the user-friendly operating concept, you can control both the KNX system and other systems such as Philips Hue or Sonos on your mobile devices. You can likewise connect voice control to your KNX system with...
JUNG Smart Panel 5.1 KNX Unauthenticated Absolute File Path Traversal
Summary The JUNG Smart Panel 5.1 KNX is a flush-mounted 5-inch touch-sensitive controller designed for managing smart building automation via the KNX system. It serves as a, intuitive, centralized interface for controlling lighting, shading, heating, and security, utilizing a 640 x 480-pixel colo...
Lighttpd 1.4.56 - 1.4.66 Resource Leak Denial of Service PoC
Summary lighttpd pronounced /lighty/ is a secure, fast, compliant, and very flexible web server that has been optimized for high-performance environments. lighttpd uses memory and CPU efficiently and has lower resource use than other popular web servers. Its advanced feature-set FastCGI, CGI, Aut...
Ilevia EVE X1/X5 Server 4.7.18.0.eden Authenticated Remote Command Injections
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Logitech Streamlabs Desktop 1.19.6 (overlay) CPU Exhaustion
Summary Streamlabs Desktop is a free streaming and recording software, built on OBS Studio, for content creators to stream live to platforms like Twitch, YouTube, and Facebook. It is designed to be beginner-friendly and offers tools for creating engaging streams, such as customizable overlays,...
Ilevia EVE X1/X5 Server 4.7.18.0.eden Root Privilege Escalation
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Ilevia EVE X1/X5 Server 4.7.18.0.eden Insecure Hashing Algorithm
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Ilevia EVE X1/X5 Server 4.7.18.0.eden Default Credentials
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Ilevia EVE X1 Server 4.7.18.0.eden Parameter Traversal Arbitrary File Access
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Ilevia EVE X1 Server 4.7.18.0.eden (mbus) Unauthenticated Remote Command Injection
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Ilevia EVE X1 Server 4.7.18.0.eden Unauthenticated Reflected XSS
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass Exploit
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Ilevia EVE X1 Server 4.7.18.0.eden Credentials Leak Through Log Disclosure
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Ilevia EVE X1 Server 4.7.18.0.eden (db_log) Pre-Auth File Disclosure
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Ilevia EVE X1 Server 4.7.18.0.eden Neuro-Core Unauth Code Invasion
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
ABB Cylon Aspect 3.08.04 (DeploySource) Unauthenticated Remote Code Execution
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect BMS/BAS is vulnerable to a critical flaw in the...
ABB Cylon BACnet MS/TP Kernel Module (mstp.ko) Out-of-Bounds Write in SendFrame()
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. BACnet Smart Building Controllers. ABB's BACnet portfolio features a series of...
ABB Cylon Aspect Studio 3.08.03 (CylonLicence.dll) Binary Planting
Summary ABB Cylon ASPECT Studio is a graphical programming tool and integrated development environment IDE for ABB Cylon ASPECT products. It's used to engineer comprehensive area control and graphical user interface GUI solutions, containing a library of logical and graphical widgets. It allows...
ABB Cylon Aspect 3.08.03 (login.php) Obscure Authentication Bypass
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon Aspect BAS controller allows login using guest:guest,...
ABB Cylon Aspect Studio 3.08.03 Insecure Permissions
Summary ABB Cylon ASPECT Studio is a graphical programming tool and integrated development environment IDE for ABB Cylon ASPECT products. It's used to engineer comprehensive area control and graphical user interface GUI solutions, containing a library of logical and graphical widgets. It allows...
ABB Cylon Aspect 3.08.03 (Java/PHP) Log Forging
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description Multiple PHP and Java components across the system fail to properly...
ABB Cylon Aspect 3.08.02 (MIX) Session Validation Bypass
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect suffers from a broken session management issue. The...
ABB Cylon Aspect 3.08.03 (MIX->UserManager) Auth Bypass Create MIXAdmin
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect BMS/BAS is vulnerable to a critical flaw in the...
ABB Cylon Aspect 3.08.03 (productRemovalUpdate.php) Remote Code Execution
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated blind OS...
ABB Cylon Aspect 3.08.03 (MIX->NTPServlet) Time Manipulation
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect MIX's NTPServlet allows NTP config changes via the...
ABB Cylon Aspect 3.08.03 (MIX->IPConfigServlet) Network Manipulation
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect MIX's IPConfigServlet allows unauthenticated network...