ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57822)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and earlier versions, which stems from the events.php file displaying the 'limit' parameter value without arbitrar...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57813)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability, which stems from the fact that the program is not properly filtered and can be exploited by remote attackers with the 'filterAutoExecuteCmd' parameter...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57820)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability, which stems from the fact that the program is not properly filtered and a remote attacker can execute HTML or JavaScript code with the help of the...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57837)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and prior versions, which can be exploited by remote attackers to execute scripts in the user's browser...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57832)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and earlier versions, which stems from the fact that the program is not properly filtered and can be exploited by...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57838)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability, which stems from the fact that the program is not properly filtered and can be exploited by remote attackers to execute arbitrary HTML or JavaScript...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57816)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability, which stems from the fact that the program is not properly filtered and can be exploited by remote attackers to execute HTML or JavaScript code with t...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57826)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability that stems from the fact that the program is not properly filtered and can be exploited by remote attackers with the 'newMonitorMethod' parameter to...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57834)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and prior versions, which stems from the fact that the program does not validate input or filter output, and can b...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57833)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability, which stems from the fact that the program is not properly filtered and can be exploited by remote attackers to execute HTML or JavaScript code with t...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57831)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and earlier versions, which stems from the fact that the program is not properly filtered and can be exploited by...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57810)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. ZoneMinder 1.32.3 and previous versions have a cross-site scripting vulnerability that can be exploited by remote attackers to execute HTML or JavaScript code...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57805)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and earlier versions, which can be exploited by remote attackers with the 'newMonitorV4LCapturesPerFrame' paramete...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57825)

ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and previous versions have a cross-site scripting vulnerability, which stems from the program not being properly filtered, and can be exploited by remote attackers to execute HTML or JavaScript code with the help o...

PT-2022-6497 · Unknown +4 · Zoneminder +4

Name of the Vulnerable Software and Affected Versions: ZoneMinder versions prior to 1.36.13 Description: The issue is related to incorrect restriction of a directory path with limited access in ZoneMinder, a video surveillance software. This can be exploited by a remote attacker to execute...

Mageia: Security Advisory (MGASA-2017-0162)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross-site Scripting (XSS)

zoneminder:edge is vulnerable to denial of service. Stored XSS in the Filters page Name field in ZoneMinder allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page...

Cross-site Scripting (XSS)

ZoneMinder is vulnerable to cross-site scripting. The vulnerability exists due to an insecure connkey parameter to download.php or export.php...

SQL Injection

ZoneMinder has SQL Injection via the skins/classic/views/events.php filterQueryterms0cnj parameter...

Cross-site Scripting (XSS)

zoneminder is vulnerable to cross-site scripting. An attacker is able to execute HTML or javascript via web/skins/classic/views/controlcaps.php via a long NAME or PROTOCOL to the index.php?view=controlcaps URI...