Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:35 a.m.9 views

CVE-2019-7326

Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Host' parameter value in the view console console.php because proper filtration is omitted. This relates to the index.php?view=monitor Host Name...

6.1CVSS5.8AI score0.009EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/02/28 12:0 a.m.47 views

Ubuntu 16.04 ESM / 20.04 ESM / 22.04 ESM : ZoneMinder vulnerabilities (USN-5889-1)

The remote Ubuntu 16.04 ESM / 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5889-1 advisory. It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use th...

9.8CVSS7.3AI score0.66317EPSS
Exploits18References14
Ubuntu
Ubuntu
added 2023/02/27 11:46 a.m.81 views

USN-5889-1: ZoneMinder vulnerabilities

It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue was only fixed in Ubuntu 16.04 ESM. CVE-2019-6777 It was discovered that ZoneMinder was not properly...

9.8CVSS7.2AI score0.66317EPSS
Exploits18
NVD
NVD
added 2019/02/04 7:29 p.m.25 views

CVE-2019-7326

Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Host' parameter value in the view console console.php because proper filtration is omitted. This relates to the index.php?view=monitor Host Name...

6.1CVSS5.9AI score0.009EPSS
Exploits1References1
OSV
OSV
added 2019/02/04 7:29 p.m.4 views

DEBIAN-CVE-2019-7326

Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Host' parameter value in the view console console.php because proper filtration is omitted. This relates to the index.php?view=monitor Host Name...

6.1CVSS6.9AI score0.009EPSS
Exploits1References1
OSV
OSV
added 2019/02/04 7:29 p.m.28 views

CVE-2019-7326

Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Host' parameter value in the view console console.php because proper filtration is omitted. This relates to the index.php?view=monitor Host Name...

6.1CVSS5.7AI score
Exploits0References1
CVE
CVE
added 2019/02/04 7:0 p.m.107 views

CVE-2019-7326

CVE-2019-7326 is a stored XSS vulnerability in ZoneMinder up to version 1.32.3. An attacker can inject HTML/JavaScript via the Host parameter value in the monitor view’s console (console.php) due to insufficient input filtration in the index.php?view=monitor Host Name field. Public sources connec...

6.1CVSS5.9AI score0.009EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/02/04 7:0 p.m.27 views

CVE-2019-7326

Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Host' parameter value in the view console console.php because proper filtration is omitted. This relates to the index.php?view=monitor Host Name...

6.8AI score0.009EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2019/02/04 7:0 p.m.28 views

CVE-2019-7326

Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Host' parameter value in the view console console.php because proper filtration is omitted. This relates to the index.php?view=monitor Host Name...

6.1CVSS2.3AI score0.009EPSS
Exploits1
Rows per page
Query Builder