Описание
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| zoneminder | fixed | 1.30.4+dfsg-1 | package | |
| zoneminder | no-dsa | jessie | package | |
| zoneminder | no-dsa | wheezy | package |
EPSS
Процентиль: 66%
0.00518
Низкий
Связанные уязвимости
CVSS3: 9.8
ubuntu
почти 9 лет назад
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php.
CVSS3: 9.8
nvd
почти 9 лет назад
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php.
CVSS3: 9.8
github
больше 3 лет назад
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php.
EPSS
Процентиль: 66%
0.00518
Низкий