Lucene search
K

1264 matches found

CNVD
CNVD
added 2022/04/01 12:0 a.m.19 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57810)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. ZoneMinder 1.32.3 and previous versions have a cross-site scripting vulnerability that can be exploited by remote attackers to execute HTML or JavaScript code...

6.1CVSS3.4AI score0.00873EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.19 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57813)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability, which stems from the fact that the program is not properly filtered and can be exploited by remote attackers with the 'filterAutoExecuteCmd' parameter...

6.1CVSS3.4AI score0.00989EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.16 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57820)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability, which stems from the fact that the program is not properly filtered and a remote attacker can execute HTML or JavaScript code with the help of the...

6.1CVSS2.4AI score0.00873EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.25 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57839)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and previous versions have a cross-site scripting vulnerability, which stems from the program is not properly filtered, remote attackers can use the 'scale' parameter to execute arbitrary html or JavaScript code wi...

6.1CVSS3.5AI score0.009EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.28 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57805)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and earlier versions, which can be exploited by remote attackers with the 'newMonitorV4LCapturesPerFrame' paramete...

6.1CVSS3.2AI score0.00873EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.26 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57803)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and previous versions, which can be exploited by remote attackers to execute HTML or JavaScript code with the help...

6.1CVSS3AI score0.00769EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.20 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57819)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and earlier versions, which stems from the options.php file not validating the values of 'WEBTITLE, HOMEURL', '...

4.8CVSS2.4AI score0.00674EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.27 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57828)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability, which stems from the fact that the program does not filter user input and can be exploited by remote attackers to execute scripts in the user's browse...

6.1CVSS5.4AI score0.00873EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.25 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57837)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and prior versions, which can be exploited by remote attackers to execute scripts in the user's browser...

6.1CVSS5.4AI score0.01019EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.24 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57801)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and prior versions, which stems from the program not being properly filtered and could be exploited by remote...

6.1CVSS2.6AI score0.00873EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.17 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57831)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and earlier versions, which stems from the fact that the program is not properly filtered and can be exploited by...

6.1CVSS2.7AI score0.00873EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.18 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57822)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and earlier versions, which stems from the events.php file displaying the 'limit' parameter value without arbitrar...

4.8CVSS4.3AI score0.00677EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.31 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57816)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability, which stems from the fact that the program is not properly filtered and can be exploited by remote attackers to execute HTML or JavaScript code with t...

6.1CVSS3.2AI score0.00874EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.24 views

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57838)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability, which stems from the fact that the program is not properly filtered and can be exploited by remote attackers to execute arbitrary HTML or JavaScript...

6.1CVSS2.9AI score0.009EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/02/08 12:0 a.m.4 views

PT-2022-6497 · Unknown +4 · Zoneminder +4

Name of the Vulnerable Software and Affected Versions: ZoneMinder versions prior to 1.36.13 Description: The issue is related to incorrect restriction of a directory path with limited access in ZoneMinder, a video surveillance software. This can be exploited by a remote attacker to execute...

10CVSS6.9AI score0.80462EPSS
Exploits40References94
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2017-0162)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.4AI score0.06739EPSS
Exploits12References9
Veracode
Veracode
added 2021/09/30 7:48 a.m.20 views

Cross-site Scripting (XSS)

zoneminder:edge is vulnerable to denial of service. Stored XSS in the Filters page Name field in ZoneMinder allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page...

5.4CVSS4AI score0.00863EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2021/09/30 7:37 a.m.18 views

Cross-site Scripting (XSS)

ZoneMinder is vulnerable to cross-site scripting. The vulnerability exists due to an insecure connkey parameter to download.php or export.php...

6.1CVSS1.8AI score0.01211EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2021/09/30 7:23 a.m.21 views

SQL Injection

ZoneMinder has SQL Injection via the skins/classic/views/events.php filterQueryterms0cnj parameter...

9.8CVSS4.7AI score0.01614EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2021/09/30 6:25 a.m.22 views

Cross-site Scripting (XSS)

zoneminder is vulnerable to cross-site scripting. An attacker is able to execute HTML or javascript via web/skins/classic/views/controlcaps.php via a long NAME or PROTOCOL to the index.php?view=controlcaps URI...

6.1CVSS2AI score0.00897EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder