Search CVE reports
1 – 10 of 85 results
CVE-2024-51482
Medium priorityZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37.* <= 1.37.64 is vulnerable to boolean-based SQL Injection in function of web/ajax/event.php. This is fixed in 1.37.65.
1 affected package
zoneminder
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zoneminder | Needs evaluation | Needs evaluation | Needs evaluation | — | Needs evaluation |
CVE-2023-31493
Medium priorityRCE (Remote Code Execution) exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and escalate privileges allowing execution of any commands on the...
1 affected package
zoneminder
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zoneminder | Needs evaluation | Needs evaluation | Needs evaluation | — | Needs evaluation |
CVE-2024-43360
Medium priorityZoneMinder is a free, open source closed-circuit television software application. ZoneMinder is affected by a time-based SQL Injection vulnerability. This vulnerability is fixed in 1.36.34 and 1.37.61.
1 affected package
zoneminder
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zoneminder | Needs evaluation | Needs evaluation | Needs evaluation | — | Needs evaluation |
CVE-2024-43359
Medium priorityZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is...
1 affected package
zoneminder
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zoneminder | Needs evaluation | Needs evaluation | Needs evaluation | — | Needs evaluation |
CVE-2024-43358
Medium priorityZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filter[Id]. This vulnerability is fixed in 1.36.34 and 1.37.61.
1 affected package
zoneminder
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zoneminder | Needs evaluation | Needs evaluation | Needs evaluation | — | Needs evaluation |
CVE-2023-41884
Medium priorityZoneMinder is a free, open source Closed-circuit television software application. In WWW/AJAX/watch.php, Line: 51 takes a few parameter in sql query without sanitizing it which makes it vulnerable to sql injection. This...
1 affected package
zoneminder
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zoneminder | Needs evaluation | Needs evaluation | Needs evaluation | — | Needs evaluation |
CVE-2020-25730
Medium priorityCross Site Scripting (XSS) vulnerability in ZoneMinder before version 1.34.21, allows remote attackers execute arbitrary code, escalate privileges, and obtain sensitive information via PHP_SELF component in classic/views/download.php.
1 affected package
zoneminder
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zoneminder | Needs evaluation | Needs evaluation | Needs evaluation | — | Needs evaluation |
CVE-2023-26039
Medium priorityZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an OS Command Injection via daemonControl() in...
1 affected package
zoneminder
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zoneminder | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Needs evaluation |
CVE-2023-26038
Medium priorityZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain a Local File Inclusion (Untrusted Search Path)...
1 affected package
zoneminder
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zoneminder | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Needs evaluation |
CVE-2023-26037
Medium priorityZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an SQL Injection. The minTime and maxTime request...
1 affected package
zoneminder
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
zoneminder | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Needs evaluation |