zoneminder is vulnerable to information disclosure. The vulnerability exists due to not properly hiding database log contents which allows an attacker to gain access to the system and perform insertion, modification, deletion of logs without system privileges.