Lucene search
K

1264 matches found

CNNVD
CNNVD
added 2024/08/12 12:0 a.m.5 views

ZoneMinder 安全漏洞

ZoneMinder is an open source video surveillance software system from ZoneMinder Open Source. The system supports IP, USB and analog cameras, among others. A security vulnerability exists in ZoneMinder versions prior to 1.36.34, which stems from not cleaning up query parameters and is vulnerable t...

7.1CVSS7.5AI score0.00503EPSS
Exploits1References4
OSV
OSV
added 2024/04/04 8:15 a.m.18 views

CVE-2020-25730

Cross Site Scripting XSS vulnerability in ZoneMinder before version 1.34.21, allows remote attackers execute arbitrary code, escalate privileges, and obtain sensitive information via PHPSELF component in classic/views/download.php...

8.2CVSS6.4AI score
Exploits0References1
OSV
OSV
added 2024/04/04 8:15 a.m.1 views

DEBIAN-CVE-2020-25730

Cross Site Scripting XSS vulnerability in ZoneMinder before version 1.34.21, allows remote attackers execute arbitrary code, escalate privileges, and obtain sensitive information via PHPSELF component in classic/views/download.php...

8.2CVSS5.6AI score0.00629EPSS
Exploits0References1
OSV
OSV
added 2024/04/04 8:15 a.m.2 views

UBUNTU-CVE-2020-25730

Cross Site Scripting XSS vulnerability in ZoneMinder before version 1.34.21, allows remote attackers execute arbitrary code, escalate privileges, and obtain sensitive information via PHPSELF component in classic/views/download.php...

8.2CVSS6AI score0.00629EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/04 12:0 a.m.3 views

ZoneMinder 安全漏洞

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, among others. A security vulnerability exists in ZoneMinder versions prior to 1.34.21. A remote attacker can exploit this vulnerability to execute arbitrary code, elevate privileges, a...

8.2CVSS6.8AI score0.00629EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.4 views

PT-2024-10791 · Unknown · Zoneminder

Name of the Vulnerable Software and Affected Versions: ZoneMinder versions prior to 1.34.21 Description: The issue allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the PHP SELF component in the classic/views/download.php file. This is a...

8.2CVSS8AI score0.00629EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/04/04 12:0 a.m.11 views

CVE-2020-25730

Cross Site Scripting XSS vulnerability in ZoneMinder before version 1.34.21, allows remote attackers execute arbitrary code, escalate privileges, and obtain sensitive information via PHPSELF component in classic/views/download.php...

6.4AI score0.00629EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/04 12:0 a.m.16 views

CVE-2020-25730

Cross Site Scripting XSS vulnerability in ZoneMinder before version 1.34.21, allows remote attackers execute arbitrary code, escalate privileges, and obtain sensitive information via PHPSELF component in classic/views/download.php...

6.3AI score0.00629EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/04/04 12:0 a.m.21 views

CVE-2020-25730

Cross Site Scripting XSS vulnerability in ZoneMinder before version 1.34.21, allows remote attackers execute arbitrary code, escalate privileges, and obtain sensitive information via PHPSELF component in classic/views/download.php...

8.2CVSS6.1AI score0.00629EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2024/03/19 12:0 a.m.267 views

ZoneMinder Snapshots Remote Code Execution

import re import requests from bs4 import BeautifulSoup import argparse import base64 Exploit Title: Unauthenticated RCE in ZoneMinder Snapshots Date: 12 December 2023 Discovered by : @Unblvr1 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://zoneminder.com/ Software Link:...

9.8CVSS7.4AI score0.80462EPSS
Exploits11
0day.today
0day.today
added 2024/03/18 12:0 a.m.357 views

ZoneMinder Snapshots < 1.37.33 - Unauthenticated Remote Code Execution Exploit

import re import requests from bs4 import BeautifulSoup import argparse import base64 Exploit Title: Unauthenticated RCE in ZoneMinder Snapshots Date: 12 December 2023 Discovered by : @Unblvr1 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://zoneminder.com/ Software Link:...

9.8CVSS7AI score0.80462EPSS
Exploits11
Exploit DB
Exploit DB
added 2024/03/18 12:0 a.m.301 views

ZoneMinder Snapshots &lt; 1.37.33 - Unauthenticated RCE

import re import requests from bs4 import BeautifulSoup import argparse import base64 Exploit Title: Unauthenticated RCE in ZoneMinder Snapshots Date: 12 December 2023 Discovered by : @Unblvr1 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://zoneminder.com/ Software Link:...

9.8CVSS8.6AI score0.80462EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/12/27 6:44 p.m.569 views

Exploit for Missing Authorization in Zoneminder

Exploit - ZoneMinder CVE-2023-26035 There is a Unauthentica...

9.8CVSS8.9AI score0.80462EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/12/24 1:37 p.m.369 views

Exploit for Missing Authorization in Zoneminder

CVE-2023-26035 ZoneMinder Snapshots - Unauthenticated !image...

9.8CVSS9.7AI score0.80462EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/12/13 3:40 p.m.568 views

Exploit for Missing Authorization in Zoneminder

POC for CVE-2023-26035 Works for ZoneMinder Versions prior...

9.8CVSS9.8AI score0.80462EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/12/12 2:44 p.m.212 views

Exploit for Missing Authorization in Zoneminder

Zoneminder Unauthenticated RCE via Snapshots CVE-2023-26035...

9.8CVSS8.4AI score0.80462EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/12/11 7:23 p.m.323 views

Exploit for Missing Authorization in Zoneminder

CVE-2023-26035 Unauthenticated RCE in ZoneMinder Snapshots - P...

9.8CVSS9.8AI score0.80462EPSS
Exploits11
Rapid7 Blog
Rapid7 Blog
added 2023/11/17 6:41 p.m.42 views

Metasploit Weekly Wrap-Up

Possible Web Service Removal Metasploit has support for running with a local database, or from a remote web service which can be initialized with msfdb init --component webservice. Future versions of Metasploit Framework may remove the msfdb remote webservice. Users that leverage this functionali...

7.5CVSS9.8AI score0.80462EPSS
Exploits11
0day.today
0day.today
added 2023/11/14 12:0 a.m.981 views

ZoneMinder Snapshots Command Injection Exploit

This Metasploit module exploits an unauthenticated command injection in zoneminder that can be exploited by appending a command to an action of the snapshot view. Versions prior to 1.36.33 and 1.37.33 are affected. This module requires Metasploit: https://metasploit.com/download Current source:...

9.8CVSS9.8AI score0.80462EPSS
Exploits11
Packet Storm
Packet Storm
added 2023/11/14 12:0 a.m.938 views

ZoneMinder Snapshots Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ZoneMinder Snapshots Command Injection', 'Description' = %q This module exploits an unauthenticated command injection in zoneminder that can be...

9.8CVSS6.9AI score0.80462EPSS
Exploits11
Rows per page
Query Builder