Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoneminder vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-25729
ZoneMinder prior to 1.34.21 has XSS via the connkey parameter to download.php or export.php.
Zoneminder Zoneminder
NA
CVE-2023-26038
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions before 1.36.33 and 1.37.33 contain a Local File Inclusion (Untrusted Search Path) vulnerability via web/ajax/modal.php, where an arbitrar...
Zoneminder Zoneminder
4.3
CVSSv2
CVE-2016-10201
Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the format parameter in a download log request to index.php.
Zoneminder Zoneminder
4.3
CVSSv2
CVE-2016-10202
Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the path info to index.php.
Zoneminder Zoneminder
6.8
CVSSv2
CVE-2016-10206
Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and previous versions allows remote malicious users to hijack the authentication of users for requests that change passwords and possibly have unspecified other impact as demonstrated by a crafted user action requ...
Zoneminder Zoneminder
NA
CVE-2022-30769
Session fixation exists in ZoneMinder up to and including 1.36.12 as an attacker can poison a session cookie to the next logged-in user.
Zoneminder Zoneminder
7.5
CVSSv2
CVE-2018-1000833
ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.
Zoneminder Zoneminder
10
CVSSv2
CVE-2018-1000832
ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.
Zoneminder Zoneminder
4.3
CVSSv2
CVE-2019-8425
includes/database.php in ZoneMinder prior to 1.32.3 has XSS in the construction of SQL-ERR messages.
Zoneminder Zoneminder
4.3
CVSSv2
CVE-2019-8426
skins/classic/views/controlcap.php in ZoneMinder prior to 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter.
Zoneminder Zoneminder
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »