Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoneminder zoneminder vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-7340
POST - Cross Site Scripting (XSS) exists in ZoneMinder up to and including 1.32.3, allowing an malicious user to execute HTML or JavaScript code via a vulnerable 'filter[Query][terms][0][val]' parameter value in the view filter (filter.php) because proper filtration is ...
Zoneminder Zoneminder
4.3
CVSSv2
CVE-2019-7341
Reflected - Cross Site Scripting (XSS) exists in ZoneMinder up to and including 1.32.3, allowing an malicious user to execute HTML or JavaScript code via a vulnerable 'newMonitor[LinkedMonitors]' parameter value in the view monitor (monitor.php) because proper filtratio...
Zoneminder Zoneminder
4.3
CVSSv2
CVE-2019-7344
Reflected XSS exists in ZoneMinder up to and including 1.32.3, allowing an malicious user to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the 'filter[Name]' (aka Filter name) value on the web page without applying any proper fil...
Zoneminder Zoneminder
4.3
CVSSv2
CVE-2019-6992
A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ZoneMinder up to and including 1.32.3, allowing an malicious user to execute HTML or JavaScript code in a vulnerable field via a long NAME or PROTOCOL to the index.php?view=controlcaps URI.
Zoneminder Zoneminder
3.5
CVSSv2
CVE-2019-6990
A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder up to and including 1.32.3, allowing an malicious user to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI.
Zoneminder Zoneminder
7.5
CVSSv2
CVE-2019-6991
A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder up to and including 1.32.3, allowing an unauthenticated malicious user to execute code via a long username.
Zoneminder Zoneminder
1 Github repository
4.3
CVSSv2
CVE-2019-6777
An issue exists in ZoneMinder v1.32.3. Reflected XSS exists in web/skins/classic/views/plugin.php via the zm/index.php?view=plugin pl parameter.
Zoneminder Zoneminder 1.32.3
10
CVSSv2
CVE-2018-1000832
ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.
Zoneminder Zoneminder
7.5
CVSSv2
CVE-2018-1000833
ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.
Zoneminder Zoneminder
4.3
CVSSv2
CVE-2017-7203
A Cross-Site Scripting (XSS) exists in ZoneMinder prior to 1.30.2. The vulnerability exists due to insufficient filtration of user-supplied data (postLoginQuery) passed to the "ZoneMinder-master/web/skins/classic/views/js/postlogin.js.php" URL. An attacker could execute...
Zoneminder Zoneminder 1.30.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »