Full title: FoF Pretty Mail 1.1.2 Server-Side Template Injection Vulnerability 
Category: web applications
Platform: php
The server in Circontrol Raption versions through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2) is vulnerable to OS command injection.

# 0day.today @ http://0day.today/