Smarthomeadatum
Monthly
SQL injection in SmartHomeAdatum's users.php Login component exposes the backend database to unauthenticated remote manipulation via a crafted Login argument. All commits up to cf495353d81b680675eb8d9aa14a318aa45ce12c of this PHP-based smart home application are affected, with no patch available and a vendor that did not respond to disclosure. No public exploit code or CISA KEV listing exists at time of analysis, though the CVSS 4.0 vector confirms low-complexity unauthenticated network exploitation.
SQL injection in SmartHomeAdatum's users.php Login component exposes the backend database to unauthenticated remote manipulation via a crafted Login argument. All commits up to cf495353d81b680675eb8d9aa14a318aa45ce12c of this PHP-based smart home application are affected, with no patch available and a vendor that did not respond to disclosure. No public exploit code or CISA KEV listing exists at time of analysis, though the CVSS 4.0 vector confirms low-complexity unauthenticated network exploitation.