1264 matches found
CVE-2022-29806
ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...
CVE-2022-29806
ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...
CVE-2022-29806
ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...
CVE-2022-29806
ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...
UBUNTU-CVE-2022-29806
ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...
CVE-2022-29806
ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...
Remote code execution
ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...
CVE-2022-29806
ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...
CVE-2022-29806
ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...
CVE-2022-29806
CVE-2022-29806 affects ZoneMinder prior to 1.36.13 (and 1.37.11). A path-traversal flaw combined with an arbitrary log file write in the language/debug log path allows attackers to write and execute arbitrary code, enabling remote command execution. There is public exploitation evidence (GitHub e...
ZoneMinder 路径遍历漏洞
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A remote code execution vulnerability exists in versions prior to ZoneMinder 1.36.13, which can be exploited by attackers to cause arbitrary code execution...
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57819)
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and earlier versions, which stems from the options.php file not validating the values of 'WEBTITLE, HOMEURL', '...
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57803)
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and previous versions, which can be exploited by remote attackers to execute HTML or JavaScript code with the help...
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57801)
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and prior versions, which stems from the program not being properly filtered and could be exploited by remote...
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57828)
ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability, which stems from the fact that the program does not filter user input and can be exploited by remote attackers to execute scripts in the user's browse...
ZoneMinder Competition Conditions Vulnerability
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A competing condition vulnerability exists in ZoneMinder 1.32.3 and prior versions, which can be exploited by remote attackers to access and modify records...
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57841)
ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability that stems from the fact that the program is not properly filtered and can be exploited by remote attackers to execute arbitrary HTML or JavaScript cod...
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57836)
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and prior versions, which stems from the program not being properly filtered and could be exploited by remote...
ZoneMinder Cross-Site Request Forgery Vulnerability (CNVD-2022-57808)
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site request forgery vulnerability exists in ZoneMinder 1.32.3 and prior versions, which can be exploited by remote attackers to perform unauthorized operations...
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57839)
ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and previous versions have a cross-site scripting vulnerability, which stems from the program is not properly filtered, remote attackers can use the 'scale' parameter to execute arbitrary html or JavaScript code wi...