Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
Typedeb
Namespacedebian
Namezoneminder
Version1.30.4+dfsg-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.32.3-2
Latest_non_vulnerable_version1.36.37+dfsg1-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-694p-mbsg-e7f6
vulnerability_id VCID-694p-mbsg-e7f6
summary Multiple reflected XSS vulnerabilities exist within form and link input parameters of ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, which allows a remote attacker to execute malicious scripts within an authenticated client's browser. The URL is /zm/index.php and sample parameters could include action=login&view=postlogin[XSS] view=console[XSS] view=groups[XSS] view=events&filter[terms][1][cnj]=and[XSS] view=events&filter%5Bterms%5D%5B1%5D%5Bcnj%5D=and[XSS] view=events&filter%5Bterms%5D%5B1%5D%5Bcnj%5D=[XSS]and view=events&limit=1%22%3E%3C/a%3E[XSS] (among others).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5367
reference_id
reference_type
scores
0
value 0.00492
scoring_system epss
scoring_elements 0.65556
published_at 2026-04-01T12:55:00Z
1
value 0.00492
scoring_system epss
scoring_elements 0.65604
published_at 2026-04-02T12:55:00Z
2
value 0.00492
scoring_system epss
scoring_elements 0.65634
published_at 2026-04-04T12:55:00Z
3
value 0.00492
scoring_system epss
scoring_elements 0.656
published_at 2026-04-07T12:55:00Z
4
value 0.00492
scoring_system epss
scoring_elements 0.65652
published_at 2026-04-08T12:55:00Z
5
value 0.00492
scoring_system epss
scoring_elements 0.65664
published_at 2026-04-09T12:55:00Z
6
value 0.00492
scoring_system epss
scoring_elements 0.65684
published_at 2026-04-11T12:55:00Z
7
value 0.00492
scoring_system epss
scoring_elements 0.6567
published_at 2026-04-12T12:55:00Z
8
value 0.00492
scoring_system epss
scoring_elements 0.65641
published_at 2026-04-13T12:55:00Z
9
value 0.00492
scoring_system epss
scoring_elements 0.65676
published_at 2026-04-16T12:55:00Z
10
value 0.00492
scoring_system epss
scoring_elements 0.65689
published_at 2026-04-18T12:55:00Z
11
value 0.00492
scoring_system epss
scoring_elements 0.65672
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5367
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5367
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5367
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854733
reference_id 854733
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854733
fixed_packages
0
url pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
2
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2017-5367
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-694p-mbsg-e7f6
1
url VCID-aqfu-4m9a-hbd4
vulnerability_id VCID-aqfu-4m9a-hbd4
summary A Cross-Site Scripting (XSS) was discovered in ZoneMinder before 1.30.2. The vulnerability exists due to insufficient filtration of user-supplied data (postLoginQuery) passed to the "ZoneMinder-master/web/skins/classic/views/js/postlogin.js.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7203
reference_id
reference_type
scores
0
value 0.00283
scoring_system epss
scoring_elements 0.51747
published_at 2026-04-21T12:55:00Z
1
value 0.00283
scoring_system epss
scoring_elements 0.51767
published_at 2026-04-18T12:55:00Z
2
value 0.00283
scoring_system epss
scoring_elements 0.51622
published_at 2026-04-01T12:55:00Z
3
value 0.00283
scoring_system epss
scoring_elements 0.51673
published_at 2026-04-02T12:55:00Z
4
value 0.00283
scoring_system epss
scoring_elements 0.51698
published_at 2026-04-04T12:55:00Z
5
value 0.00283
scoring_system epss
scoring_elements 0.51659
published_at 2026-04-07T12:55:00Z
6
value 0.00283
scoring_system epss
scoring_elements 0.51713
published_at 2026-04-08T12:55:00Z
7
value 0.00283
scoring_system epss
scoring_elements 0.51709
published_at 2026-04-09T12:55:00Z
8
value 0.00283
scoring_system epss
scoring_elements 0.51758
published_at 2026-04-11T12:55:00Z
9
value 0.00283
scoring_system epss
scoring_elements 0.51736
published_at 2026-04-12T12:55:00Z
10
value 0.00283
scoring_system epss
scoring_elements 0.5172
published_at 2026-04-13T12:55:00Z
11
value 0.00283
scoring_system epss
scoring_elements 0.51761
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7203
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7203
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7203
2
reference_url https://github.com/ZoneMinder/ZoneMinder/issues/1797
reference_id
reference_type
scores
url https://github.com/ZoneMinder/ZoneMinder/issues/1797
3
reference_url http://www.securityfocus.com/bid/97001
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/97001
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858329
reference_id 858329
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858329
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.30.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:zoneminder:zoneminder:1.30.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.30.2:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7203
reference_id CVE-2017-7203
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7203
fixed_packages
0
url pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
2
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2017-7203
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aqfu-4m9a-hbd4
2
url VCID-dp5c-4aaa-uyaq
vulnerability_id VCID-dp5c-4aaa-uyaq
summary A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile(), which allows an authenticated attacker to read local system files (e.g., /etc/passwd) in the context of the web server user (www-data). The attack vector is a .. (dot dot) in the path parameter within a zm/index.php?view=file&path= request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5595
reference_id
reference_type
scores
0
value 0.00208
scoring_system epss
scoring_elements 0.43164
published_at 2026-04-01T12:55:00Z
1
value 0.00208
scoring_system epss
scoring_elements 0.43221
published_at 2026-04-02T12:55:00Z
2
value 0.00208
scoring_system epss
scoring_elements 0.43249
published_at 2026-04-04T12:55:00Z
3
value 0.00208
scoring_system epss
scoring_elements 0.43188
published_at 2026-04-07T12:55:00Z
4
value 0.00208
scoring_system epss
scoring_elements 0.43239
published_at 2026-04-08T12:55:00Z
5
value 0.00208
scoring_system epss
scoring_elements 0.43251
published_at 2026-04-09T12:55:00Z
6
value 0.00208
scoring_system epss
scoring_elements 0.43273
published_at 2026-04-11T12:55:00Z
7
value 0.00208
scoring_system epss
scoring_elements 0.43241
published_at 2026-04-12T12:55:00Z
8
value 0.00208
scoring_system epss
scoring_elements 0.43225
published_at 2026-04-13T12:55:00Z
9
value 0.00208
scoring_system epss
scoring_elements 0.43286
published_at 2026-04-16T12:55:00Z
10
value 0.00208
scoring_system epss
scoring_elements 0.43275
published_at 2026-04-18T12:55:00Z
11
value 0.00208
scoring_system epss
scoring_elements 0.4321
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5595
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5595
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5595
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854733
reference_id 854733
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854733
fixed_packages
0
url pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
2
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2017-5595
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dp5c-4aaa-uyaq
3
url VCID-f9wt-f98j-ekeh
vulnerability_id VCID-f9wt-f98j-ekeh
summary Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the path info to index.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10202
reference_id
reference_type
scores
0
value 0.00275
scoring_system epss
scoring_elements 0.50914
published_at 2026-04-01T12:55:00Z
1
value 0.00275
scoring_system epss
scoring_elements 0.50968
published_at 2026-04-02T12:55:00Z
2
value 0.00275
scoring_system epss
scoring_elements 0.50993
published_at 2026-04-04T12:55:00Z
3
value 0.00275
scoring_system epss
scoring_elements 0.50951
published_at 2026-04-07T12:55:00Z
4
value 0.00275
scoring_system epss
scoring_elements 0.51008
published_at 2026-04-08T12:55:00Z
5
value 0.00275
scoring_system epss
scoring_elements 0.51004
published_at 2026-04-09T12:55:00Z
6
value 0.00275
scoring_system epss
scoring_elements 0.51047
published_at 2026-04-11T12:55:00Z
7
value 0.00275
scoring_system epss
scoring_elements 0.51026
published_at 2026-04-12T12:55:00Z
8
value 0.00275
scoring_system epss
scoring_elements 0.51009
published_at 2026-04-13T12:55:00Z
9
value 0.00275
scoring_system epss
scoring_elements 0.51046
published_at 2026-04-16T12:55:00Z
10
value 0.00275
scoring_system epss
scoring_elements 0.51053
published_at 2026-04-18T12:55:00Z
11
value 0.00275
scoring_system epss
scoring_elements 0.51031
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10202
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10202
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10202
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
reference_id 854272
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
fixed_packages
0
url pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
2
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2016-10202
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f9wt-f98j-ekeh
4
url VCID-mx9e-1cur-mqfz
vulnerability_id VCID-mx9e-1cur-mqfz
summary Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server configuration bundled with ZoneMinder v1.30 and v1.29, which allows a remote unauthenticated attacker to browse all directories in the web root, e.g., a remote unauthenticated attacker can view all CCTV images on the server via the /events URI.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10140
reference_id
reference_type
scores
0
value 0.34242
scoring_system epss
scoring_elements 0.96951
published_at 2026-04-01T12:55:00Z
1
value 0.34242
scoring_system epss
scoring_elements 0.96958
published_at 2026-04-02T12:55:00Z
2
value 0.34242
scoring_system epss
scoring_elements 0.96963
published_at 2026-04-04T12:55:00Z
3
value 0.34242
scoring_system epss
scoring_elements 0.96966
published_at 2026-04-07T12:55:00Z
4
value 0.34242
scoring_system epss
scoring_elements 0.96974
published_at 2026-04-08T12:55:00Z
5
value 0.34242
scoring_system epss
scoring_elements 0.96975
published_at 2026-04-09T12:55:00Z
6
value 0.34242
scoring_system epss
scoring_elements 0.96978
published_at 2026-04-11T12:55:00Z
7
value 0.34242
scoring_system epss
scoring_elements 0.96979
published_at 2026-04-12T12:55:00Z
8
value 0.34242
scoring_system epss
scoring_elements 0.9698
published_at 2026-04-13T12:55:00Z
9
value 0.34242
scoring_system epss
scoring_elements 0.96988
published_at 2026-04-16T12:55:00Z
10
value 0.34242
scoring_system epss
scoring_elements 0.96991
published_at 2026-04-18T12:55:00Z
11
value 0.34242
scoring_system epss
scoring_elements 0.96993
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10140
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10140
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10140
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851710
reference_id 851710
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851710
fixed_packages
0
url pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
2
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2016-10140
risk_score 0.1
exploitability 0.5
weighted_severity 0.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mx9e-1cur-mqfz
5
url VCID-r4zz-6j52-cue5
vulnerability_id VCID-r4zz-6j52-cue5
summary Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the name when creating a new monitor.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10203
reference_id
reference_type
scores
0
value 0.00326
scoring_system epss
scoring_elements 0.55467
published_at 2026-04-01T12:55:00Z
1
value 0.00326
scoring_system epss
scoring_elements 0.55579
published_at 2026-04-02T12:55:00Z
2
value 0.00326
scoring_system epss
scoring_elements 0.55603
published_at 2026-04-04T12:55:00Z
3
value 0.00326
scoring_system epss
scoring_elements 0.55581
published_at 2026-04-07T12:55:00Z
4
value 0.00326
scoring_system epss
scoring_elements 0.55633
published_at 2026-04-08T12:55:00Z
5
value 0.00326
scoring_system epss
scoring_elements 0.55636
published_at 2026-04-09T12:55:00Z
6
value 0.00326
scoring_system epss
scoring_elements 0.55645
published_at 2026-04-16T12:55:00Z
7
value 0.00326
scoring_system epss
scoring_elements 0.55624
published_at 2026-04-12T12:55:00Z
8
value 0.00326
scoring_system epss
scoring_elements 0.55607
published_at 2026-04-13T12:55:00Z
9
value 0.00326
scoring_system epss
scoring_elements 0.55648
published_at 2026-04-18T12:55:00Z
10
value 0.00326
scoring_system epss
scoring_elements 0.55628
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10203
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10203
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10203
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
reference_id 854272
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
fixed_packages
0
url pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
2
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2016-10203
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r4zz-6j52-cue5
6
url VCID-rdyb-mgsn-gyb5
vulnerability_id VCID-rdyb-mgsn-gyb5
summary ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross Site Request Forgery) which allows a remote attack to make changes to the web application as the current logged in victim. If the victim visits a malicious web page, the attacker can silently and automatically create a new admin user within the web application for remote persistence and further attacks. The URL is /zm/index.php and sample parameters could include action=user uid=0 newUser[Username]=attacker1 newUser[Password]=Password1234 conf_password=Password1234 newUser[System]=Edit (among others).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5368
reference_id
reference_type
scores
0
value 0.00205
scoring_system epss
scoring_elements 0.4257
published_at 2026-04-01T12:55:00Z
1
value 0.00205
scoring_system epss
scoring_elements 0.42641
published_at 2026-04-02T12:55:00Z
2
value 0.00205
scoring_system epss
scoring_elements 0.42669
published_at 2026-04-04T12:55:00Z
3
value 0.00205
scoring_system epss
scoring_elements 0.4261
published_at 2026-04-07T12:55:00Z
4
value 0.00205
scoring_system epss
scoring_elements 0.42661
published_at 2026-04-08T12:55:00Z
5
value 0.00205
scoring_system epss
scoring_elements 0.42673
published_at 2026-04-09T12:55:00Z
6
value 0.00205
scoring_system epss
scoring_elements 0.42696
published_at 2026-04-11T12:55:00Z
7
value 0.00205
scoring_system epss
scoring_elements 0.4266
published_at 2026-04-12T12:55:00Z
8
value 0.00205
scoring_system epss
scoring_elements 0.42643
published_at 2026-04-13T12:55:00Z
9
value 0.00205
scoring_system epss
scoring_elements 0.42703
published_at 2026-04-16T12:55:00Z
10
value 0.00205
scoring_system epss
scoring_elements 0.42689
published_at 2026-04-18T12:55:00Z
11
value 0.00205
scoring_system epss
scoring_elements 0.42626
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5368
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5368
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854733
reference_id 854733
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854733
fixed_packages
0
url pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
2
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2017-5368
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rdyb-mgsn-gyb5
7
url VCID-sdf7-gmgd-pkf8
vulnerability_id VCID-sdf7-gmgd-pkf8
summary Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10205
reference_id
reference_type
scores
0
value 0.00743
scoring_system epss
scoring_elements 0.72953
published_at 2026-04-01T12:55:00Z
1
value 0.00743
scoring_system epss
scoring_elements 0.72965
published_at 2026-04-02T12:55:00Z
2
value 0.00743
scoring_system epss
scoring_elements 0.72984
published_at 2026-04-04T12:55:00Z
3
value 0.00743
scoring_system epss
scoring_elements 0.7296
published_at 2026-04-07T12:55:00Z
4
value 0.00743
scoring_system epss
scoring_elements 0.72997
published_at 2026-04-08T12:55:00Z
5
value 0.00743
scoring_system epss
scoring_elements 0.73011
published_at 2026-04-09T12:55:00Z
6
value 0.00743
scoring_system epss
scoring_elements 0.73036
published_at 2026-04-11T12:55:00Z
7
value 0.00743
scoring_system epss
scoring_elements 0.73015
published_at 2026-04-12T12:55:00Z
8
value 0.00743
scoring_system epss
scoring_elements 0.73008
published_at 2026-04-13T12:55:00Z
9
value 0.00743
scoring_system epss
scoring_elements 0.7305
published_at 2026-04-16T12:55:00Z
10
value 0.00743
scoring_system epss
scoring_elements 0.7306
published_at 2026-04-18T12:55:00Z
11
value 0.00743
scoring_system epss
scoring_elements 0.73052
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10205
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10205
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10205
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
reference_id 854272
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
fixed_packages
0
url pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
2
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2016-10205
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sdf7-gmgd-pkf8
8
url VCID-w96c-3tde-d7b1
vulnerability_id VCID-w96c-3tde-d7b1
summary SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10204
reference_id
reference_type
scores
0
value 0.00518
scoring_system epss
scoring_elements 0.66663
published_at 2026-04-01T12:55:00Z
1
value 0.00518
scoring_system epss
scoring_elements 0.66704
published_at 2026-04-02T12:55:00Z
2
value 0.00518
scoring_system epss
scoring_elements 0.66729
published_at 2026-04-04T12:55:00Z
3
value 0.00518
scoring_system epss
scoring_elements 0.66702
published_at 2026-04-07T12:55:00Z
4
value 0.00518
scoring_system epss
scoring_elements 0.66751
published_at 2026-04-08T12:55:00Z
5
value 0.00518
scoring_system epss
scoring_elements 0.66766
published_at 2026-04-09T12:55:00Z
6
value 0.00518
scoring_system epss
scoring_elements 0.66785
published_at 2026-04-11T12:55:00Z
7
value 0.00518
scoring_system epss
scoring_elements 0.66772
published_at 2026-04-12T12:55:00Z
8
value 0.00518
scoring_system epss
scoring_elements 0.66743
published_at 2026-04-13T12:55:00Z
9
value 0.00518
scoring_system epss
scoring_elements 0.66777
published_at 2026-04-16T12:55:00Z
10
value 0.00518
scoring_system epss
scoring_elements 0.6679
published_at 2026-04-18T12:55:00Z
11
value 0.00518
scoring_system epss
scoring_elements 0.66775
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10204
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10204
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10204
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
reference_id 854272
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
fixed_packages
0
url pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
2
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2016-10204
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w96c-3tde-d7b1
9
url VCID-ys4w-ngmr-mbh9
vulnerability_id VCID-ys4w-ngmr-mbh9
summary Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10201
reference_id
reference_type
scores
0
value 0.00275
scoring_system epss
scoring_elements 0.50914
published_at 2026-04-01T12:55:00Z
1
value 0.00275
scoring_system epss
scoring_elements 0.50968
published_at 2026-04-02T12:55:00Z
2
value 0.00275
scoring_system epss
scoring_elements 0.50993
published_at 2026-04-04T12:55:00Z
3
value 0.00275
scoring_system epss
scoring_elements 0.50951
published_at 2026-04-07T12:55:00Z
4
value 0.00275
scoring_system epss
scoring_elements 0.51008
published_at 2026-04-08T12:55:00Z
5
value 0.00275
scoring_system epss
scoring_elements 0.51004
published_at 2026-04-09T12:55:00Z
6
value 0.00275
scoring_system epss
scoring_elements 0.51047
published_at 2026-04-11T12:55:00Z
7
value 0.00275
scoring_system epss
scoring_elements 0.51026
published_at 2026-04-12T12:55:00Z
8
value 0.00275
scoring_system epss
scoring_elements 0.51009
published_at 2026-04-13T12:55:00Z
9
value 0.00275
scoring_system epss
scoring_elements 0.51046
published_at 2026-04-16T12:55:00Z
10
value 0.00275
scoring_system epss
scoring_elements 0.51053
published_at 2026-04-18T12:55:00Z
11
value 0.00275
scoring_system epss
scoring_elements 0.51031
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10201
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10201
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10201
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
reference_id 854272
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
fixed_packages
0
url pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
2
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2016-10201
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ys4w-ngmr-mbh9
10
url VCID-zu3w-apm5-8bdw
vulnerability_id VCID-zu3w-apm5-8bdw
summary Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspecified other impact as demonstrated by a crafted user action request to index.php.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10206
reference_id
reference_type
scores
0
value 0.00131
scoring_system epss
scoring_elements 0.32517
published_at 2026-04-01T12:55:00Z
1
value 0.00131
scoring_system epss
scoring_elements 0.32666
published_at 2026-04-02T12:55:00Z
2
value 0.00131
scoring_system epss
scoring_elements 0.32702
published_at 2026-04-04T12:55:00Z
3
value 0.00131
scoring_system epss
scoring_elements 0.32523
published_at 2026-04-07T12:55:00Z
4
value 0.00131
scoring_system epss
scoring_elements 0.3257
published_at 2026-04-16T12:55:00Z
5
value 0.00131
scoring_system epss
scoring_elements 0.32596
published_at 2026-04-09T12:55:00Z
6
value 0.00131
scoring_system epss
scoring_elements 0.32598
published_at 2026-04-11T12:55:00Z
7
value 0.00131
scoring_system epss
scoring_elements 0.32561
published_at 2026-04-12T12:55:00Z
8
value 0.00131
scoring_system epss
scoring_elements 0.32533
published_at 2026-04-13T12:55:00Z
9
value 0.00131
scoring_system epss
scoring_elements 0.32548
published_at 2026-04-18T12:55:00Z
10
value 0.00131
scoring_system epss
scoring_elements 0.32516
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10206
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10206
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
reference_id 854272
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854272
fixed_packages
0
url pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.30.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
2
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2016-10206
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zu3w-apm5-8bdw
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.30.4%252Bdfsg-1%3Fdistro=trixie