Linux Distros Unpatched Vulnerability : CVE-2019-7346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A CSRF check issue exists in ZoneMinder through 1.32.3 as whenever a CSRF check fails, a callback function is called displaying a Try again button, which allows...

Linux Distros Unpatched Vulnerability : CVE-2023-31493

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RCE Remote Code Execution exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted paylo...

Linux Distros Unpatched Vulnerability : CVE-2019-7334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile'...

Linux Distros Unpatched Vulnerability : CVE-2019-8428

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views/control.php groupSql parameter, as demonstrated by a newGroupMonitorIds value...

Linux Distros Unpatched Vulnerability : CVE-2017-5368

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF Cross Site Request Forgery which allows a remote attack to make...

Linux Distros Unpatched Vulnerability : CVE-2016-10206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site request forgery CSRF vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that...

Linux Distros Unpatched Vulnerability : CVE-2019-7338

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'group' as it insecurely prints the...

Linux Distros Unpatched Vulnerability : CVE-2019-7344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the...

Linux Distros Unpatched Vulnerability : CVE-2019-7342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable...

Linux Distros Unpatched Vulnerability : CVE-2016-10201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in...

Linux Distros Unpatched Vulnerability : CVE-2019-7340

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable...

Linux Distros Unpatched Vulnerability : CVE-2016-10202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the path info to...

Linux Distros Unpatched Vulnerability : CVE-2019-7349

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable...

Linux Distros Unpatched Vulnerability : CVE-2019-7347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Time-of-check Time-of-use TOCTOU Race Condition exists in ZoneMinder through 1.32.3 as a session remains active for an authenticated user even after deletion...

Linux Distros Unpatched Vulnerability : CVE-2019-7341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reflected - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable...

Linux Distros Unpatched Vulnerability : CVE-2019-7345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the view 'options' options.php does no input validation for the WEBTITLE, HOMEURL...

Linux Distros Unpatched Vulnerability : CVE-2019-8423

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filterQueryterms0cnj parameter. CVE-2019-8423 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2017-5367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple reflected XSS vulnerabilities exist within form and link input parameters of ZoneMinder v1.30 and v1.29, an open-source CCTV server web application,...

Linux Distros Unpatched Vulnerability : CVE-2016-10205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie. CVE-2016-10205 Note that...

Linux Distros Unpatched Vulnerability : CVE-2017-7203

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-Site Scripting XSS was discovered in ZoneMinder before 1.30.2. The vulnerability exists due to insufficient filtration of user-supplied data...