Lucene search
+L

5 matches found

nessus
nessus
added 2023/02/28 12:0 a.m.48 views

Ubuntu 16.04 ESM / 20.04 ESM / 22.04 ESM : ZoneMinder vulnerabilities (USN-5889-1)

The remote Ubuntu 16.04 ESM / 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5889-1 advisory. It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use th...

9.8CVSS7.3AI score0.67128EPSS
Exploits18References14
ubuntu
ubuntu
added 2023/02/27 11:46 a.m.81 views

USN-5889-1: ZoneMinder vulnerabilities

It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue was only fixed in Ubuntu 16.04 ESM. CVE-2019-6777 It was discovered that ZoneMinder was not properly...

9.8CVSS7.2AI score0.67128EPSS
Exploits18
cvelist
cvelist
added 2019/01/28 8:0 p.m.26 views

CVE-2019-6990

A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI...

5.6AI score0.00708EPSS
Exploits1References2
alpinelinux
alpinelinux
added 2019/01/28 8:0 p.m.52 views

CVE-2019-6990

A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI...

5.4CVSS5.7AI score0.00708EPSS
Exploits1
cve
cve
added 2019/01/28 8:0 p.m.98 views

CVE-2019-6990

CVE-2019-6990 is a stored-self XSS in ZoneMinder up to version 1.32.3, triggered via a crafted Zone NAME in the URL index.php?view=zones&action=zoneImage&mid=1. The vulnerability affects web/skins/classic/views/zones.php. Exploitation could allow HTML/JavaScript execution in the vulnerable field....

5.4CVSS5.5AI score0.00708EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder