Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

41 – 50 of 85 results

CVE-2019-7345

Low priority
Vulnerable

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'options' (options.php) does no input validation for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value, allowing an...

1 affected packages

zoneminder

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zoneminder Vulnerable Vulnerable Vulnerable Not in release Vulnerable
Show less packages

CVE-2019-7344

Medium priority
Vulnerable

Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the 'filter[Name]' (aka Filter name) value on the web page without applying...

1 affected packages

zoneminder

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zoneminder Vulnerable Vulnerable Vulnerable Not in release Vulnerable
Show less packages

CVE-2019-7343

Medium priority
Vulnerable

Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[Method]' parameter value in the view monitor (monitor.php) because...

1 affected packages

zoneminder

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zoneminder Vulnerable Vulnerable Vulnerable Not in release Not affected
Show less packages

CVE-2019-7342

Medium priority
Vulnerable

POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[AutoExecuteCmd]' parameter value in the view filter (filter.php) because...

1 affected packages

zoneminder

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zoneminder Vulnerable Vulnerable Vulnerable Not in release Not affected
Show less packages

CVE-2019-7341

Medium priority
Vulnerable

Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[LinkedMonitors]' parameter value in the view monitor (monitor.php)...

1 affected packages

zoneminder

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zoneminder Vulnerable Vulnerable Vulnerable Not in release Vulnerable
Show less packages

CVE-2019-7340

Medium priority
Vulnerable

POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[Query][terms][0][val]' parameter value in the view filter (filter.php) because...

1 affected packages

zoneminder

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zoneminder Vulnerable Vulnerable Vulnerable Not in release Not affected
Show less packages

CVE-2019-7339

Medium priority
Vulnerable

POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'level' parameter value in the view log (log.php) because proper filtration is omitted.

1 affected packages

zoneminder

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zoneminder Vulnerable Vulnerable Vulnerable Not in release Vulnerable
Show less packages

CVE-2019-7338

Medium priority
Vulnerable

Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'group' as it insecurely prints the 'Group Name' value on the web page without applying any proper filtration.

1 affected packages

zoneminder

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zoneminder Vulnerable Vulnerable Vulnerable Not in release Vulnerable
Show less packages

CVE-2019-7337

Medium priority
Vulnerable

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 as the view 'events' (events.php) insecurely displays the limit parameter value, without applying any proper output filtration. This issue exists because of...

1 affected packages

zoneminder

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zoneminder Vulnerable Vulnerable Vulnerable Not in release Vulnerable
Show less packages

CVE-2019-7336

Medium priority
Vulnerable

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view _monitor_filters.php contains takes in input from the user and saves it into the session, and retrieves it later (insecurely). The values of...

1 affected packages

zoneminder

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zoneminder Vulnerable Vulnerable Vulnerable Not in release Not affected
Show less packages
  1. Previous page
  2. 3
  3. 4
  4. 5
  5. 6
  6. 7
  7. Next page
Export to JSON