Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoneminder zoneminder 1.23.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6755
ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote malicious users to modify this file by accessing it through a (1) PHP or (2) CGI script.
Zoneminder Zoneminder 1.23.3
NA
CVE-2008-6756
ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for /etc/zm.conf, which allows local users to obtain the database username and password by reading this file.
Zoneminder Zoneminder 1.23.3
NA
CVE-2008-3880
SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the filter array parameter.
Zoneminder Zoneminder 0.9.14
Zoneminder Zoneminder 0.9.15
Zoneminder Zoneminder 1.17.2
Zoneminder Zoneminder 1.18.0
Zoneminder Zoneminder 1.19.5
Zoneminder Zoneminder 1.20.0
Zoneminder Zoneminder 1.22.1
Zoneminder Zoneminder 1.22.2
Zoneminder Zoneminder 0.0.1
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.8
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 0.9.12
Zoneminder Zoneminder 0.9.13
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.17.1
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.19.4
Zoneminder Zoneminder 1.21.4
Zoneminder Zoneminder 1.22.0
Zoneminder Zoneminder
NA
CVE-2008-3881
Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder 1.23.3 and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified "zm_html_view_*.php" files.
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.8
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.19.2
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.21.2
Zoneminder Zoneminder 1.21.3
Zoneminder Zoneminder 1.23.1
Zoneminder Zoneminder 1.23.2
Zoneminder Zoneminder
Zoneminder Zoneminder 0.0.1
Zoneminder Zoneminder 0.9.16
Zoneminder Zoneminder 0.9.7
Zoneminder Zoneminder 1.19.0
Zoneminder Zoneminder 1.19.1
Zoneminder Zoneminder 1.21.0
Zoneminder Zoneminder 1.21.1
Zoneminder Zoneminder 1.22.3
Zoneminder Zoneminder 1.23.0
Zoneminder Zoneminder 0.9.14
NA
CVE-2008-3882
Unspecified "Command Injection" vulnerability in ZoneMinder 1.23.3 and previous versions allows remote malicious users to execute arbitrary commands via (1) the executeFilter function in zm_html_view_events.php and (2) the run_state parameter to zm_html_view_state.php.
Zoneminder Zoneminder 0.9.13
Zoneminder Zoneminder 0.9.14
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.12
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.19.2
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.21.3
Zoneminder Zoneminder 1.21.4
Zoneminder Zoneminder 1.23.2
Zoneminder Zoneminder 0.9.15
Zoneminder Zoneminder 0.9.16
Zoneminder Zoneminder 1.18.0
Zoneminder Zoneminder 1.18.1
Zoneminder Zoneminder 1.20.0
Zoneminder Zoneminder 1.20.1
Zoneminder Zoneminder 1.22.2
Zoneminder Zoneminder 1.22.3
Zoneminder Zoneminder 1.17.1
Zoneminder Zoneminder 1.17.2
NA
CVE-2008-1381
ZoneMinder prior to 1.23.3 allows remote authenticated users, and possibly unauthenticated attackers in some installations, to execute arbitrary commands via shell metacharacters in a crafted URL.
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.8
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 1.19.2
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.21.2
Zoneminder Zoneminder 1.21.3
Zoneminder Zoneminder 1.23.1
Zoneminder Zoneminder 1.23.2
Zoneminder Zoneminder 0.9.14
Zoneminder Zoneminder 0.9.15
Zoneminder Zoneminder 1.17.2
Zoneminder Zoneminder 1.18.0
Zoneminder Zoneminder 1.20.0
Zoneminder Zoneminder 1.20.1
Zoneminder Zoneminder 1.22.1
Zoneminder Zoneminder 1.22.2
Zoneminder Zoneminder 0.9.12
Zoneminder Zoneminder 0.9.13
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.17.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started