Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2018/02/07 12:0 a.m.35 views

Debian: Security Advisory (DLA-1145-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00434EPSS
Exploits2References4
Debian
Debian
added 2017/10/26 4:18 p.m.39 views

[SECURITY] [DLA 1145-1] zoneminder security update

Package : zoneminder Version : 1.25.0-4+deb7u2 CVE ID : CVE-2017-5595 Multiple vulnerabilities have been found in zoneminder. This update fixes only a serious file disclosure vulnerability CVE-2017-5595. The application has been found to suffer from many other problems such as SQL injection...

5.5CVSS6.6AI score0.00434EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2017/02/21 12:0 a.m.45 views

Fedora 24 : zoneminder (2017-d5fb74cd2e)

Security fix for CVE-2017-5595 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...

5.5CVSS6.3AI score0.00434EPSS
Exploits2References2
NVD
NVD
added 2017/02/06 5:59 p.m.16 views

CVE-2017-5595

A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile, which allows an authenticated attacker to read local system files e.g., /etc/passwd in the context of the web server user www-dat...

5.5CVSS5.1AI score0.00434EPSS
Exploits2References4
CVE
CVE
added 2017/02/06 5:0 p.m.100 views

CVE-2017-5595

CVE-2017-5595 affects ZoneMinder 1.x up to v1.30.0, enabling an authenticated attacker to read local files (e.g., /etc/passwd) via web/views/file.php due to unfiltered input passed to readfile(); the attack uses a .. in the path parameter zm/index.php?view=file&path=. Connected advisories confirm...

5.5CVSS5.2AI score0.00434EPSS
Exploits2References4Affected Software1
Packet Storm
Packet Storm
added 2017/02/06 12:0 a.m.922 views

ZoneMinder XSS / CSRF / File Disclosure / Authentication Bypass

========================================================================== Product: ZoneMinder Versions: Multiple versions - see inline Vulnerabilities: File disclosure, XSS, CSRF, Auth bypass & Info disclosure CVE-IDs: CVE-2017-5595, CVE-2017-5367, CVE-2017-5368, CVE-2016-10140 Author: John...

0.6AI score0.06739EPSS
Exploits4
0day.today
0day.today
added 2017/02/05 12:0 a.m.92 views

ZoneMinder - Multiple Vulnerabilities

Exploit for php platform in category web applications ========================================================================== Product: ZoneMinder Versions: Multiple versions - see inline Vulnerabilities: File disclosure, XSS, CSRF, Auth bypass & Info disclosure CVE-IDs: CVE-2017-5595,...

6.8CVSS6.5AI score0.06739EPSS
Exploits4
Rows per page
Query Builder