Zoneminder » Zoneminder : Security Vulnerabilities, CVEs, Published In 2019 (Sql injection)
ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php filter[Query][terms][0][cnj] parameter.
Max CVSS
9.8
EPSS Score
0.15%
Published
2019-02-18
Updated
2019-02-19
ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views/control.php groupSql parameter, as demonstrated by a newGroup[MonitorIds][] value.
Max CVSS
9.8
EPSS Score
0.15%
Published
2019-02-18
Updated
2019-02-19
ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.
Max CVSS
9.8
EPSS Score
0.15%
Published
2019-02-18
Updated
2019-02-19
ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter.
Max CVSS
9.8
EPSS Score
0.15%
Published
2019-02-18
Updated
2019-02-19
4 vulnerabilities found