CVE-2008-3880

Опубликовано: 26 авг. 2008

Источник: redhat

Описание

SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary SQL commands via the filter array parameter.

Ссылки на источники

Дополнительная информация

Дефект:

CWE-77

Дефект:

CWE-89

Дефект:

CWE-79

https://bugzilla.redhat.com/show_bug.cgi?id=460280zoneminder: command injection, SQL injection and multiple XSS issues (CVE-2008-3882, CVE-2008-3880, CVE-2008-3881)

Связанные уязвимости

CVE-2008-3880

ubuntu

около 17 лет назад

SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary SQL commands via the filter array parameter.

CVE-2008-3880

nvd

около 17 лет назад

SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary SQL commands via the filter array parameter.

CVE-2008-3880

debian

около 17 лет назад

SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1. ...

GHSA-fg4c-q4wp-fvrw

github

больше 3 лет назад

SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary SQL commands via the filter array parameter.