28 matches found
UBUNTU-CVE-2022-39289
ZoneMinder is a free, open source Closed-circuit television software application. In affected versions the ZoneMinder API Exposes Database Log contents to user without privileges, allows insertion, modification, deletion of logs without System Privileges. Users are advised yo upgrade as soon as...
PT-2022-24872 · Unknown +2 · Zoneminder +2
Name of the Vulnerable Software and Affected Versions: ZoneMinder affected versions not specified Description: The issue concerns the ZoneMinder API, which exposes database log contents to users without privileges. It also allows for the insertion, modification, and deletion of logs without syste...
CVE-2022-39285 Stored Cross-Site Scripting Vulnerability In File Parameter in zoneminder
ZoneMinder is a free, open source Closed-circuit television software application The file parameter is vulnerable to a cross site scripting vulnerability XSS by backing out of the current "tr" "td" brackets. This then allows a malicious user to provide code that will execute when a user views the...
CVE-2022-39289 Database log access in ZoneMinder
ZoneMinder is a free, open source Closed-circuit television software application. In affected versions the ZoneMinder API Exposes Database Log contents to user without privileges, allows insertion, modification, deletion of logs without System Privileges. Users are advised yo upgrade as soon as...
CVE-2022-39285
ZoneMinder is a free, open source Closed-circuit television software application The file parameter is vulnerable to a cross site scripting vulnerability XSS by backing out of the current "tr" "td" brackets. This then allows a malicious user to provide code that will execute when a user views the...
Exceptions may have logged Encryption-at-Rest key content
None...
CVE-1999-0795
The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches...
CVE-1999-1061
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging...