zoneminder — Vulnerabilities & Security Advisories 18

All 18 CVE vulnerabilities found in zoneminder, with AI-generated Chinese analysis, references, and POCs.

Vendor: ZoneMinder

CVE ID	Title	CVSS	Severity	Published
CVE-2026-27470	ZoneMinder: Second-Order SQL Injection in `getNearEvents()` via Stored Event Name and Cause Fields CWE-89	8.8	High	2026-02-21
CVE-2024-51482	Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64 CWE-89	10.0	Critical	2024-10-31
CVE-2024-43360	ZoneMinder Time-based SQL Injection CWE-89	9.8	Critical	2024-08-12
CVE-2024-43359	XSS vulnerabilities in montagereview CWE-79	-	-	2024-08-12
CVE-2024-43358	XSS vulnerability in filter view CWE-79	6.1	Medium	2024-08-12
CVE-2023-41884	ZoneMinder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in watch.php CWE-89	7.1	High	2024-08-12
CVE-2023-26039	ZoneMinder vulnerable to OS Command injection in daemonControl() API CWE-78	7.1	High	2023-02-25
CVE-2023-26038	ZoneMinder contains Local File Inclusion vulnerability via `web/ajax/modal.php` CWE-426	5.4	Medium	2023-02-25
CVE-2023-26037	ZoneMinder contains SQL Injection via report_event_audit CWE-89	8.9	High	2023-02-25
CVE-2023-26036	ZoneMinder contains Local File Inclusion vulnerability CWE-426	8.1	High	2023-02-25
CVE-2023-26035	ZoneMinder vulnerable to Missing Authorization CWE-862	7.2	High	2023-02-25
CVE-2023-26034	ZoneMinder SQL Injection CWE-89	9.6	Critical	2023-02-25
CVE-2023-26032	ZoneMinder contains SQL injection via malicious Jason Web Token CWE-89	8.9	High	2023-02-25
CVE-2023-25825	ZoneMinder contains Cross-site Scripting via log viewing CWE-79	7.7	High	2023-02-25
CVE-2022-39285	Stored Cross-Site Scripting Vulnerability In File Parameter in zoneminder CWE-79	7.6	High	2022-10-07
CVE-2022-39291	Denial of service through logs in zoneminder CWE-20	5.4	Medium	2022-10-07
CVE-2022-39290	CSRF key bypass using HTTP methods in zoneminder CWE-287	8.0	High	2022-10-07
CVE-2022-39289	Database log access in ZoneMinder CWE-200	9.1	Critical	2022-10-07

All 18 known CVE vulnerabilities affecting zoneminder with full Chinese analysis, references, and POCs where available.