Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-tj5u-pm5u-4ug6
Summaryincludes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packageControl function; or (2) key or (3) command parameter in the setDeviceStatusX10 function.
Aliases
0
alias CVE-2013-0232
Fixed_packages
0
url pkg:deb/debian/zoneminder@1.25.0-4?distro=trixie
purl pkg:deb/debian/zoneminder@1.25.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.25.0-4%3Fdistro=trixie
1
url pkg:deb/debian/zoneminder@1.25.0-4
purl pkg:deb/debian/zoneminder@1.25.0-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11zt-rw3z-87gx
1
vulnerability VCID-23ug-uzth-tybf
2
vulnerability VCID-35hj-x1e2-eug1
3
vulnerability VCID-3zrk-nztf-nqfd
4
vulnerability VCID-4zbd-b8b7-tfa4
5
vulnerability VCID-5ba3-bxk1-pbht
6
vulnerability VCID-694p-mbsg-e7f6
7
vulnerability VCID-6mdb-h6fb-c7d6
8
vulnerability VCID-6xnz-k4kg-eqhd
9
vulnerability VCID-7x1r-12y1-ekfk
10
vulnerability VCID-8uu9-g2r8-nyep
11
vulnerability VCID-8vh1-pk4c-63hz
12
vulnerability VCID-9rr3-tdb4-1kdm
13
vulnerability VCID-aqfu-4m9a-hbd4
14
vulnerability VCID-cccj-wgfh-3fg4
15
vulnerability VCID-dk87-j5dz-6bed
16
vulnerability VCID-dp5c-4aaa-uyaq
17
vulnerability VCID-dpp2-3t2d-d3e4
18
vulnerability VCID-dz5v-tqce-a7ew
19
vulnerability VCID-edec-sj6n-n7d7
20
vulnerability VCID-f9wt-f98j-ekeh
21
vulnerability VCID-fnhr-cs7k-gkeu
22
vulnerability VCID-g1r5-fbsj-n3dr
23
vulnerability VCID-hpah-sv5y-8bde
24
vulnerability VCID-jmdh-m4ty-gqch
25
vulnerability VCID-kgpe-97pr-suee
26
vulnerability VCID-mx9e-1cur-mqfz
27
vulnerability VCID-p916-xnk3-rkce
28
vulnerability VCID-pr1z-g8aw-tqez
29
vulnerability VCID-qn8h-k43x-p7cs
30
vulnerability VCID-qs2j-ektc-2kf9
31
vulnerability VCID-qxmt-szsx-y7a8
32
vulnerability VCID-qxtk-taxx-1kde
33
vulnerability VCID-r3pj-815v-uubu
34
vulnerability VCID-r4zz-6j52-cue5
35
vulnerability VCID-r751-csse-zuaq
36
vulnerability VCID-rdyb-mgsn-gyb5
37
vulnerability VCID-sdf7-gmgd-pkf8
38
vulnerability VCID-t5fd-hvgs-sue7
39
vulnerability VCID-ug2b-2eg5-jfbb
40
vulnerability VCID-ukjs-5za3-xqdb
41
vulnerability VCID-v56x-raf9-kydq
42
vulnerability VCID-w96c-3tde-d7b1
43
vulnerability VCID-wdng-puzu-5kah
44
vulnerability VCID-xj45-xv47-ruhe
45
vulnerability VCID-y3vt-x7b1-4yer
46
vulnerability VCID-ys4w-ngmr-mbh9
47
vulnerability VCID-yxpy-5fmj-cbb7
48
vulnerability VCID-zu3w-apm5-8bdw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.25.0-4
2
url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-4qtk-7myx-vfcd
3
vulnerability VCID-7vc9-wfjb-t3ba
4
vulnerability VCID-7x51-uyq2-9qax
5
vulnerability VCID-95ub-6q5w-p3cm
6
vulnerability VCID-9kh5-715y-pud4
7
vulnerability VCID-d117-rhnc-rkhf
8
vulnerability VCID-fyy1-fwys-xkbj
9
vulnerability VCID-j283-1m9p-13hn
10
vulnerability VCID-jukn-h868-5ugm
11
vulnerability VCID-kk5d-y2z8-r3g2
12
vulnerability VCID-mdkd-vmcp-afa8
13
vulnerability VCID-mk5h-586t-pyga
14
vulnerability VCID-n8y3-5fb9-kucb
15
vulnerability VCID-tyu6-8h17-8yh5
16
vulnerability VCID-uybk-r4q9-gyac
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie
3
url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xuk-942c-kkbf
1
vulnerability VCID-4mfm-zzrx-6ffb
2
vulnerability VCID-7x51-uyq2-9qax
3
vulnerability VCID-mdkd-vmcp-afa8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie
4
url pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie
5
url pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/zoneminder@1.24.2-8%2Bsqueeze1
purl pkg:deb/debian/zoneminder@1.24.2-8%2Bsqueeze1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11zt-rw3z-87gx
1
vulnerability VCID-23ug-uzth-tybf
2
vulnerability VCID-35hj-x1e2-eug1
3
vulnerability VCID-3zrk-nztf-nqfd
4
vulnerability VCID-4zbd-b8b7-tfa4
5
vulnerability VCID-578u-3ew5-qyh5
6
vulnerability VCID-5ba3-bxk1-pbht
7
vulnerability VCID-694p-mbsg-e7f6
8
vulnerability VCID-6mdb-h6fb-c7d6
9
vulnerability VCID-6xnz-k4kg-eqhd
10
vulnerability VCID-7x1r-12y1-ekfk
11
vulnerability VCID-8uu9-g2r8-nyep
12
vulnerability VCID-8vh1-pk4c-63hz
13
vulnerability VCID-9rr3-tdb4-1kdm
14
vulnerability VCID-aqfu-4m9a-hbd4
15
vulnerability VCID-cccj-wgfh-3fg4
16
vulnerability VCID-dk87-j5dz-6bed
17
vulnerability VCID-dp5c-4aaa-uyaq
18
vulnerability VCID-dpp2-3t2d-d3e4
19
vulnerability VCID-dz5v-tqce-a7ew
20
vulnerability VCID-edec-sj6n-n7d7
21
vulnerability VCID-f9wt-f98j-ekeh
22
vulnerability VCID-fnhr-cs7k-gkeu
23
vulnerability VCID-g1r5-fbsj-n3dr
24
vulnerability VCID-hpah-sv5y-8bde
25
vulnerability VCID-jmdh-m4ty-gqch
26
vulnerability VCID-kgpe-97pr-suee
27
vulnerability VCID-mx9e-1cur-mqfz
28
vulnerability VCID-p916-xnk3-rkce
29
vulnerability VCID-pr1z-g8aw-tqez
30
vulnerability VCID-qn8h-k43x-p7cs
31
vulnerability VCID-qs2j-ektc-2kf9
32
vulnerability VCID-qxmt-szsx-y7a8
33
vulnerability VCID-qxtk-taxx-1kde
34
vulnerability VCID-r3pj-815v-uubu
35
vulnerability VCID-r4zz-6j52-cue5
36
vulnerability VCID-r751-csse-zuaq
37
vulnerability VCID-rdyb-mgsn-gyb5
38
vulnerability VCID-sdf7-gmgd-pkf8
39
vulnerability VCID-t5fd-hvgs-sue7
40
vulnerability VCID-tj5u-pm5u-4ug6
41
vulnerability VCID-ug2b-2eg5-jfbb
42
vulnerability VCID-ukjs-5za3-xqdb
43
vulnerability VCID-v56x-raf9-kydq
44
vulnerability VCID-w96c-3tde-d7b1
45
vulnerability VCID-wdng-puzu-5kah
46
vulnerability VCID-xj45-xv47-ruhe
47
vulnerability VCID-y3vt-x7b1-4yer
48
vulnerability VCID-ys4w-ngmr-mbh9
49
vulnerability VCID-yxpy-5fmj-cbb7
50
vulnerability VCID-zu3w-apm5-8bdw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.24.2-8%252Bsqueeze1
References
0
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698910
reference_id
reference_type
scores
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698910
1
reference_url http://itsecuritysolutions.org/2013-01-22-ZoneMinder-Video-Server-arbitrary-command-execution-vulnerability/
reference_id
reference_type
scores
url http://itsecuritysolutions.org/2013-01-22-ZoneMinder-Video-Server-arbitrary-command-execution-vulnerability/
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0232
reference_id
reference_type
scores
0
value 0.7823
scoring_system epss
scoring_elements 0.99025
published_at 2026-04-21T12:55:00Z
1
value 0.7823
scoring_system epss
scoring_elements 0.99012
published_at 2026-04-01T12:55:00Z
2
value 0.7823
scoring_system epss
scoring_elements 0.99013
published_at 2026-04-02T12:55:00Z
3
value 0.7823
scoring_system epss
scoring_elements 0.99016
published_at 2026-04-04T12:55:00Z
4
value 0.7823
scoring_system epss
scoring_elements 0.99018
published_at 2026-04-07T12:55:00Z
5
value 0.7823
scoring_system epss
scoring_elements 0.99019
published_at 2026-04-09T12:55:00Z
6
value 0.7823
scoring_system epss
scoring_elements 0.9902
published_at 2026-04-11T12:55:00Z
7
value 0.7823
scoring_system epss
scoring_elements 0.99022
published_at 2026-04-13T12:55:00Z
8
value 0.7823
scoring_system epss
scoring_elements 0.99024
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0232
4
reference_url http://www.debian.org/security/2013/dsa-2640
reference_id
reference_type
scores
url http://www.debian.org/security/2013/dsa-2640
5
reference_url http://www.exploit-db.com/exploits/24310
reference_id
reference_type
scores
url http://www.exploit-db.com/exploits/24310
6
reference_url http://www.openwall.com/lists/oss-security/2013/01/28/2
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/01/28/2
7
reference_url http://www.osvdb.org/89529
reference_id
reference_type
scores
url http://www.osvdb.org/89529
8
reference_url http://www.zoneminder.com/forums/viewtopic.php?f=29&t=20771
reference_id
reference_type
scores
url http://www.zoneminder.com/forums/viewtopic.php?f=29&t=20771
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698910
reference_id 698910
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698910
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.24.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:zoneminder:zoneminder:1.24.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.24.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.24.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:zoneminder:zoneminder:1.24.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.24.1:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.24.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:zoneminder:zoneminder:1.24.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.24.2:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.24.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:zoneminder:zoneminder:1.24.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.24.3:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.24.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:zoneminder:zoneminder:1.24.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.24.4:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.25.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:zoneminder:zoneminder:1.25.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.25.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0232
reference_id CVE-2013-0232
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2013-0232
17
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/24310.rb
reference_id OSVDB-89529;CVE-2013-0332;CVE-2013-0232
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/24310.rb
Weaknesses
Exploits
0
date_added null
description 
This module exploits a command execution vulnerability in ZoneMinder Video
          Server version 1.24.0 to 1.25.0 which could be abused to allow
          authenticated users to execute arbitrary commands under the context of the
          web server user. The 'packageControl' function in the
          'includes/actions.php' file calls 'exec()' with user controlled data
          from the 'runState' parameter.
required_action null
due_date null
notes 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
known_ransomware_campaign_use false
source_date_published 2013-01-22
exploit_type null
platform Unix
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/unix/webapp/zoneminder_packagecontrol_exec.rb
1
date_added 2013-01-24
description ZoneMinder Video Server - packageControl Command Execution (Metasploit)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2013-01-24
exploit_type remote
platform unix
source_date_updated 2013-01-24
data_source Exploit-DB
source_url
Severity_range_score7.5 - 7.5
Exploitability2.0
Weighted_severity6.8
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-tj5u-pm5u-4ug6