Vulnerabilities > Zoneminder > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-03-20 | CVE-2013-0332 | Path Traversal vulnerability in Zoneminder Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. | 5.0 |
| 2009-04-27 | CVE-2008-6755 | Permissions, Privileges, and Access Controls vulnerability in Zoneminder 1.23.3 ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script. | 5.0 |
| 2008-09-02 | CVE-2008-3881 | Cross-Site Scripting vulnerability in Zoneminder Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder 1.23.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified "zm_html_view_*.php" files. | 4.3 |