Vulnerabilities > Zoneminder > Zoneminder > 1.30.3

DATE CVE VULNERABILITY TITLE RISK
2023-02-25 CVE-2023-26035 Missing Authorization vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-862
critical
 9.8
9.8
2023-02-25 CVE-2023-26036 Untrusted Search Path vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-426
critical
 9.8
9.8
2023-02-25 CVE-2023-26037 SQL Injection vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-89
critical
 9.8
9.8
2023-02-25 CVE-2023-26038 Untrusted Search Path vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-426
6.5
6.5
2023-02-25 CVE-2023-26039 OS Command Injection vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-78
8.8
8.8
2023-02-25 CVE-2023-25825 Cross-site Scripting vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-79
6.1
6.1
2023-02-25 CVE-2023-26032 SQL Injection vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
high complexity
zoneminder CWE-89
8.1
8.1
2023-02-25 CVE-2023-26034 SQL Injection vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-89
8.8
8.8
2022-11-15 CVE-2022-30769 Session Fixation vulnerability in Zoneminder
Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie to the next logged-in user.
network
low complexity
zoneminder CWE-384
4.6
4.6
2022-10-07 CVE-2022-39285 Cross-site Scripting vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application The file parameter is vulnerable to a cross site scripting vulnerability (XSS) by backing out of the current "tr" "td" brackets.
network
low complexity
zoneminder CWE-79
5.4
5.4