319 matches found
CVE-2024-43360
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder is affected by a time-based SQL Injection vulnerability. This vulnerability is fixed in 1.36.34 and 1.37.61...
CVE-2024-43359
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is fixed in 1.36.34 and 1.37.61...
CVE-2024-43359
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is fixed in 1.36.34 and 1.37.61...
CVE-2024-43358
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filterId. This vulnerability is fixed in 1.36.34 and 1.37.61...
CVE-2024-43358
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filterId. This vulnerability is fixed in 1.36.34 and 1.37.61...
CVE-2024-43359
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is fixed in 1.36.34 and 1.37.61...
CVE-2024-43360
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder is affected by a time-based SQL Injection vulnerability. This vulnerability is fixed in 1.36.34 and 1.37.61...
CVE-2024-43360
ZoneMinder is affected by a time-based SQL Injection (CWE-89) vulnerability. The issue affects ZoneMinder installations and is publicly documented in multiple sources, including a dedicated Nuclei template for CVE-2024-43360. The underlying problem is a time-based SQL injection that can be exploi...
CVE-2024-43359
CVE-2024-43359 affects ZoneMinder. Multiple connected sources confirm a cross-site scripting vulnerability in the montagereview feature that is exploitable via the displayinterval, speed, and scale parameters. The issue is fixed in ZoneMinder releases 1.36.34 and 1.37.61. The available documents ...
CVE-2024-43359 XSS vulnerabilities in montagereview
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is fixed in 1.36.34 and 1.37.61...
CVE-2024-43359
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is fixed in 1.36.34 and 1.37.61...
CVE-2024-43358
Vulnerability summary (CVE-2024-43358). ZoneMinder (open-source CCTV software) contains a cross-site scripting (XSS) vulnerability in the filter view via the filter[Id] parameter. The issue is documented as fixed in versions 1.36.34 and 1.37.61. Connected sources corroborate the vulnerability and...
CVE-2024-43358
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filterId. This vulnerability is fixed in 1.36.34 and 1.37.61...
CVE-2024-43358 XSS vulnerability in filter view
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filterId. This vulnerability is fixed in 1.36.34 and 1.37.61...
CVE-2023-41884
CVE-2023-41884 affects ZoneMinder: watch.php processes multiple SQL query parameters without proper sanitization, creating a SQL Injection risk in the ZoneMinder 1.x series. The vulnerability is described in the public CVE entry and corroborated by multiple sources noting the issue originates fro...
CVE-2023-41884 ZoneMinder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in watch.php
ZoneMinder is a free, open source Closed-circuit television software application. In WWW/AJAX/watch.php, Line: 51 takes a few parameter in sql query without sanitizing it which makes it vulnerable to sql injection. This vulnerability is fixed in 1.36.34...
Key safe security, or the lack of it
A few years back we put a key safe into our office. Previously, we had used a very simple locked cabinet to ensure keys were returned, as before that, keys kept being accidentally taken home. There’s no data of significance kept at the office. Everything is hosted elsewhere, but we could do witho...
At the Olympics, AI Is Watching You
A controversial new surveillance system in Paris foreshadows a future where there are too many CCTV cameras for humans to physically watch...
cctvfirst.co.uk Cross Site Scripting vulnerability OBB-3725734
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-0506
The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access...