Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoneminder vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2013-0232
includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packageControl function; or (2) key or (3) command parameter in the se...
Zoneminder Zoneminder 1.24.4
Zoneminder Zoneminder 1.25.0
Zoneminder Zoneminder 1.24.0
Zoneminder Zoneminder 1.24.1
Zoneminder Zoneminder 1.24.2
Zoneminder Zoneminder 1.24.3
1 EDB exploit
510
VMScore
CVE-2013-0332
Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x prior to 1.24.4 allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) view, (2) request, or (3) action parameter.
Zoneminder Zoneminder 1.24.0
Zoneminder Zoneminder 1.24.1
Zoneminder Zoneminder 1.24.3
Zoneminder Zoneminder 1.24.2
2 EDB exploits
445
VMScore
CVE-2008-6755
ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote malicious users to modify this file by accessing it through a (1) PHP or (2) CGI script.
Zoneminder Zoneminder 1.23.3
187
VMScore
CVE-2008-6756
ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for /etc/zm.conf, which allows local users to obtain the database username and password by reading this file.
Zoneminder Zoneminder 1.23.3
668
VMScore
CVE-2008-3880
SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the filter array parameter.
Zoneminder Zoneminder 0.9.14
Zoneminder Zoneminder 0.9.15
Zoneminder Zoneminder 1.17.2
Zoneminder Zoneminder 1.18.0
Zoneminder Zoneminder 1.19.5
Zoneminder Zoneminder 1.20.0
Zoneminder Zoneminder 1.22.1
Zoneminder Zoneminder 1.22.2
Zoneminder Zoneminder 0.0.1
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.8
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 0.9.12
Zoneminder Zoneminder 0.9.13
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.17.1
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.19.4
Zoneminder Zoneminder 1.21.4
Zoneminder Zoneminder 1.22.0
Zoneminder Zoneminder
890
VMScore
CVE-2008-3882
Unspecified "Command Injection" vulnerability in ZoneMinder 1.23.3 and previous versions allows remote malicious users to execute arbitrary commands via (1) the executeFilter function in zm_html_view_events.php and (2) the run_state parameter to zm_html_view_state.php.
Zoneminder Zoneminder 0.9.13
Zoneminder Zoneminder 0.9.14
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.12
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.19.2
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.21.3
Zoneminder Zoneminder 1.21.4
Zoneminder Zoneminder 1.23.2
Zoneminder Zoneminder 0.9.15
Zoneminder Zoneminder 0.9.16
Zoneminder Zoneminder 1.18.0
Zoneminder Zoneminder 1.18.1
Zoneminder Zoneminder 1.20.0
Zoneminder Zoneminder 1.20.1
Zoneminder Zoneminder 1.22.2
Zoneminder Zoneminder 1.22.3
Zoneminder Zoneminder 1.17.1
Zoneminder Zoneminder 1.17.2
383
VMScore
CVE-2008-3881
Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder 1.23.3 and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified "zm_html_view_*.php" files.
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.8
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.19.2
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.21.2
Zoneminder Zoneminder 1.21.3
Zoneminder Zoneminder 1.23.1
Zoneminder Zoneminder 1.23.2
Zoneminder Zoneminder
Zoneminder Zoneminder 0.0.1
Zoneminder Zoneminder 0.9.16
Zoneminder Zoneminder 0.9.7
Zoneminder Zoneminder 1.19.0
Zoneminder Zoneminder 1.19.1
Zoneminder Zoneminder 1.21.0
Zoneminder Zoneminder 1.21.1
Zoneminder Zoneminder 1.22.3
Zoneminder Zoneminder 1.23.0
Zoneminder Zoneminder 0.9.14
668
VMScore
CVE-2008-1381
ZoneMinder prior to 1.23.3 allows remote authenticated users, and possibly unauthenticated attackers in some installations, to execute arbitrary commands via shell metacharacters in a crafted URL.
Zoneminder Zoneminder 0.9.10
Zoneminder Zoneminder 0.9.11
Zoneminder Zoneminder 0.9.8
Zoneminder Zoneminder 0.9.9
Zoneminder Zoneminder 1.19.2
Zoneminder Zoneminder 1.19.3
Zoneminder Zoneminder 1.21.2
Zoneminder Zoneminder 1.21.3
Zoneminder Zoneminder 1.23.1
Zoneminder Zoneminder 1.23.2
Zoneminder Zoneminder 0.9.14
Zoneminder Zoneminder 0.9.15
Zoneminder Zoneminder 1.17.2
Zoneminder Zoneminder 1.18.0
Zoneminder Zoneminder 1.20.0
Zoneminder Zoneminder 1.20.1
Zoneminder Zoneminder 1.22.1
Zoneminder Zoneminder 1.22.2
Zoneminder Zoneminder 0.9.12
Zoneminder Zoneminder 0.9.13
Zoneminder Zoneminder 1.17.0
Zoneminder Zoneminder 1.17.1
NA
CVE-2008-2033
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1381. Reason: This candidate is a duplicate of CVE-2008-1381. Notes: All CVE users should reference CVE-2008-1381 instead of this candidate. All references and descriptions in this candidate have been removed...
668
VMScore
CVE-2004-0227
Buffer overflow in the zms script in ZoneMinder prior to 1.19.2 may allow a remote malicious user to execute arbitrary code via a long query string.
Triornis Zoneminder 1.18.1
Triornis Zoneminder 1.19.0
Triornis Zoneminder 1.17.0
Triornis Zoneminder 1.17.1
Triornis Zoneminder 1.19.1
Triornis Zoneminder 1.17.2
Triornis Zoneminder 1.18.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8