Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:35 a.m.7 views

CVE-2019-7329

Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $SERVER'PHPSELF' insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS...

6.1CVSS6.1AI score0.01019EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/02/28 12:0 a.m.47 views

Ubuntu 16.04 ESM / 20.04 ESM / 22.04 ESM : ZoneMinder vulnerabilities (USN-5889-1)

The remote Ubuntu 16.04 ESM / 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5889-1 advisory. It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use th...

9.8CVSS7.3AI score0.66317EPSS
Exploits18References14
Ubuntu
Ubuntu
added 2023/02/27 11:46 a.m.81 views

USN-5889-1: ZoneMinder vulnerabilities

It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue was only fixed in Ubuntu 16.04 ESM. CVE-2019-6777 It was discovered that ZoneMinder was not properly...

9.8CVSS7.2AI score0.66317EPSS
Exploits18
NVD
NVD
added 2019/02/04 7:29 p.m.24 views

CVE-2019-7329

Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $SERVER'PHPSELF' insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS...

6.1CVSS6AI score0.01019EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2019/02/04 7:0 p.m.39 views

CVE-2019-7329

Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $SERVER'PHPSELF' insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS...

6.1CVSS6.3AI score0.01019EPSS
Exploits1
Cvelist
Cvelist
added 2019/02/04 7:0 p.m.30 views

CVE-2019-7329

Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $SERVER'PHPSELF' insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS...

6.9AI score0.01019EPSS
Exploits1References1
CVE
CVE
added 2019/02/04 7:0 p.m.91 views

CVE-2019-7329

CVE-2019-7329 is a reflected XSS in ZoneMinder up to version 1.32.3. The vulnerability arises because several form actions use $_SERVER['PHP_SELF'] without proper input filtration, allowing arbitrary input appended to the webroot URL to be reflected in the page. The connected OpenVAS and OSV entr...

6.1CVSS6AI score0.01019EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder