Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoneminder vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-0232
includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packageControl function; or (2) key or (3) command parameter in the se...
Zoneminder Zoneminder 1.24.4
Zoneminder Zoneminder 1.25.0
Zoneminder Zoneminder 1.24.0
Zoneminder Zoneminder 1.24.1
Zoneminder Zoneminder 1.24.2
Zoneminder Zoneminder 1.24.3
1 EDB exploit
NA
CVE-2013-0332
Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x prior to 1.24.4 allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) view, (2) request, or (3) action parameter.
Zoneminder Zoneminder 1.24.0
Zoneminder Zoneminder 1.24.1
Zoneminder Zoneminder 1.24.3
Zoneminder Zoneminder 1.24.2
2 EDB exploits
NA
CVE-2008-6755
ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote malicious users to modify this file by accessing it through a (1) PHP or (2) CGI script.
Zoneminder Zoneminder 1.23.3
NA
CVE-2008-6756
ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for /etc/zm.conf, which allows local users to obtain the database username and password by reading this file.
Zoneminder Zoneminder 1.23.3
NA
CVE-2008-3880
SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the filter array parameter.
Zoneminder Zoneminder 0.9.14
Zoneminder Zoneminder 0.9.15
Zoneminder Zoneminder 1.17.2
Zoneminder Zoneminder 1.18.0
Zoneminder Zoneminder 1.19.5
Zoneminder Zoneminder 1.20.0
Zoneminder Zoneminder 1.22.1
Zoneminder Zoneminder 1.22.2
Zoneminder Zoneminder 0.0.1
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.8
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 0.9.12
Zoneminder Zoneminder 0.9.13
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.17.1
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.19.4
Zoneminder Zoneminder 1.21.4
Zoneminder Zoneminder 1.22.0
Zoneminder Zoneminder
NA
CVE-2008-3881
Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder 1.23.3 and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified "zm_html_view_*.php" files.
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.8
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.19.2
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.21.2
Zoneminder Zoneminder 1.21.3
Zoneminder Zoneminder 1.23.1
Zoneminder Zoneminder 1.23.2
Zoneminder Zoneminder
Zoneminder Zoneminder 0.0.1
Zoneminder Zoneminder 0.9.16
Zoneminder Zoneminder 0.9.7
Zoneminder Zoneminder 1.19.0
Zoneminder Zoneminder 1.19.1
Zoneminder Zoneminder 1.21.0
Zoneminder Zoneminder 1.21.1
Zoneminder Zoneminder 1.22.3
Zoneminder Zoneminder 1.23.0
Zoneminder Zoneminder 0.9.14
NA
CVE-2008-3882
Unspecified "Command Injection" vulnerability in ZoneMinder 1.23.3 and previous versions allows remote malicious users to execute arbitrary commands via (1) the executeFilter function in zm_html_view_events.php and (2) the run_state parameter to zm_html_view_state.php.
Zoneminder Zoneminder 0.9.13
Zoneminder Zoneminder 0.9.14
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.12
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.19.2
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.21.3
Zoneminder Zoneminder 1.21.4
Zoneminder Zoneminder 1.23.2
Zoneminder Zoneminder 0.9.15
Zoneminder Zoneminder 0.9.16
Zoneminder Zoneminder 1.18.0
Zoneminder Zoneminder 1.18.1
Zoneminder Zoneminder 1.20.0
Zoneminder Zoneminder 1.20.1
Zoneminder Zoneminder 1.22.2
Zoneminder Zoneminder 1.22.3
Zoneminder Zoneminder 1.17.1
Zoneminder Zoneminder 1.17.2
NA
CVE-2008-1381
ZoneMinder prior to 1.23.3 allows remote authenticated users, and possibly unauthenticated attackers in some installations, to execute arbitrary commands via shell metacharacters in a crafted URL.
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.8
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 1.19.2
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.21.2
Zoneminder Zoneminder 1.21.3
Zoneminder Zoneminder 1.23.1
Zoneminder Zoneminder 1.23.2
Zoneminder Zoneminder 0.9.14
Zoneminder Zoneminder 0.9.15
Zoneminder Zoneminder 1.17.2
Zoneminder Zoneminder 1.18.0
Zoneminder Zoneminder 1.20.0
Zoneminder Zoneminder 1.20.1
Zoneminder Zoneminder 1.22.1
Zoneminder Zoneminder 1.22.2
Zoneminder Zoneminder 0.9.12
Zoneminder Zoneminder 0.9.13
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.17.1
NA
CVE-2008-2033
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1381. Reason: This candidate is a duplicate of CVE-2008-1381. Notes: All CVE users should reference CVE-2008-1381 instead of this candidate. All references and descriptions in this candidate have been removed...
NA
CVE-2004-0227
Buffer overflow in the zms script in ZoneMinder prior to 1.19.2 may allow a remote malicious user to execute arbitrary code via a long query string.
Triornis Zoneminder 1.18.1
Triornis Zoneminder 1.19.0
Triornis Zoneminder 1.17.0
Triornis Zoneminder 1.17.1
Triornis Zoneminder 1.19.1
Triornis Zoneminder 1.17.2
Triornis Zoneminder 1.18.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8