2 matches found
DEBIAN-CVE-2020-25730
Cross Site Scripting XSS vulnerability in ZoneMinder before version 1.34.21, allows remote attackers execute arbitrary code, escalate privileges, and obtain sensitive information via PHPSELF component in classic/views/download.php...
CVE-2019-7333
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view download download.php because proper filtration is omitted...