ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-71409)

ZoneMinder is a free open source CCTV software application for the Linux environment that supports IP, USB, and analog cameras.A stored cross-site scripting vulnerability exists in the Filters page Name field in ZoneMinder 1.32.3. An attacker could exploit this vulnerability to embed and execute...

CVE-2019-13072

Stored XSS in the Filters page Name field in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page...

CVE-2019-13072

Stored XSS in the Filters page Name field in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page...

Cross site scripting

Stored XSS in the Filters page Name field in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page...

UBUNTU-CVE-2019-13072

Stored XSS in the Filters page Name field in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page...

CVE-2019-13072

Stored XSS in the Filters page Name field in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page...

CVE-2019-13072

The CVE-2019-13072 entry describes a Stored XSS vulnerability in ZoneMinder 1.32.3, specifically in the Filters page (Name field). The underlying issue is a stored script that can be embedded and executed in the browser of any user visiting that page. Multiple connected sources (NVD/NASL/Nessus/N...

CVE-2019-13072

Stored XSS in the Filters page Name field in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page...

CVE-2019-13072

Stored XSS in the Filters page Name field in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page...

CVE-2019-13072

Stored XSS in the Filters page Name field in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page...

PT-2019-13110 · Zoneminder +1 · Zoneminder +1

Name of the Vulnerable Software and Affected Versions: ZoneMinder version 1.32.3 Description: The issue allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to the Filters page, specifically by exploiting the Name field. This is a result of a store...

ZoneMinder 1.32.3 Cross Site Scripting

Exploit Title: ZoneMinder 1.32.3 - Stored Cross Site Scripting filters Google Dork: None Date: 6/29/2019 Exploit Author: Joey Lane Vendor Homepage: https://zoneminder.com Software Link: https://github.com/ZoneMinder/zoneminder/releases Version: 1.32.3 Tested on: Ubuntu 16.04 CVE : Pending...

ZoneMinder SQL Injection Vulnerability (CNVD-2019-04692)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. SQL injection vulnerability exists in the ajax/status.php file in versions prior to ZoneMinder 1.32.3, which can be exploited by remote attackers to execute SQL commands with...

ZoneMinder Command Injection Vulnerability

ZoneMinder is a free and open source CCTV software application for Linux environments that supports IP, USB and analog cameras. A command injection vulnerability exists in ZoneMinder prior to version 1.32.3 in the daemonControl in includes/functions.php, which can be exploited by an attacker via...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2019-04686)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. A cross-site scripting vulnerability exists in the build of SQL-ERR messages in the includes/database.php file of ZoneMinder versions prior to 1.32.3, which can be exploited b...

ZoneMinder SQL Injection Vulnerability (CNVD-2019-04693)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. SQL injection vulnerability exists in the skins/classic/views/control.php file in versions prior to ZoneMinder 1.32.3, which can be exploited by remote attackers to execute SQ...

ZoneMinder SQL Injection Vulnerability (CNVD-2019-04687)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. SQL injection vulnerability exists in the ajax/status.php file in versions prior to ZoneMinder 1.32.3, which can be exploited by remote attackers to execute SQL commands with...

ZoneMinder cross-site scripting vulnerability (CNVD-2019-04695)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. ZoneMinder 1.32.3 before the version of skins/classic/views/controlcap.php file has a cross-site scripting vulnerability , a remote attacker can use the newControl array with...

ZoneMinder SQL Injection Vulnerability (CNVD-2019-04688)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. ZoneMinder 1.32.3 and earlier versions of skins/classic/views/events.php file has a SQL injection vulnerability , a remote attacker can with the help of 'filterQueryterms0cnj'...

Design/Logic Flaw

includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages...