{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","type":"deb","namespace":"debian","name":"zoneminder","version":"1.34.6-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.34.21-1","latest_non_vulnerable_version":"1.36.37+dfsg1-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207410?format=json","vulnerability_id":"VCID-1ecy-jjyj-fucm","summary":"Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[LinkedMonitors]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7341","reference_id":"","reference_type":"","scores":[{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49906","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.50041","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7341"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7341"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ecy-jjyj-fucm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207403?format=json","vulnerability_id":"VCID-2cw6-ame8-sfgr","summary":"Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'log' as it insecurely prints the 'Log Message' value on the web page without applying any proper filtration. This relates to the view=logs value.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7335","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7335"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7335"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2cw6-ame8-sfgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207414?format=json","vulnerability_id":"VCID-2wev-eqfp-pqbb","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'options' (options.php) does no input validation for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value, allowing an attacker to execute HTML or JavaScript code. This relates to functions.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7345","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46656","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.468","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7345"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7345"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7345"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2wev-eqfp-pqbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207395?format=json","vulnerability_id":"VCID-68nb-cczr-37bv","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $_SERVER['PHP_SELF'] insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7329","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47318","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47458","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7329"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7329"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-68nb-cczr-37bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207400?format=json","vulnerability_id":"VCID-7cat-vgpj-8uec","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view download (download.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7333","reference_id":"","reference_type":"","scores":[{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49906","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.50041","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7333"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7333","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7333"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7333"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7cat-vgpj-8uec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207402?format=json","vulnerability_id":"VCID-91g7-e5sy-7yhc","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view export (export.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7334","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7334"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7334","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7334"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7334"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91g7-e5sy-7yhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207453?format=json","vulnerability_id":"VCID-9fw2-t4xc-auah","summary":"skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8426","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56326","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56445","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8426"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8426","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8426"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-8426"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9fw2-t4xc-auah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207412?format=json","vulnerability_id":"VCID-9t2d-1k2q-vqbw","summary":"Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[Method]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7343","reference_id":"","reference_type":"","scores":[{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49906","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.50041","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7343"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7343"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9t2d-1k2q-vqbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207406?format=json","vulnerability_id":"VCID-9t8b-1t7a-5ybc","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 as the view 'events' (events.php) insecurely displays the limit parameter value, without applying any proper output filtration. This issue exists because of the function sortHeader() in functions.php, which insecurely returns the value of the limit query string parameter without applying any filtration.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7337","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46656","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.468","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7337"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7337","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7337"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7337"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9t8b-1t7a-5ybc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207396?format=json","vulnerability_id":"VCID-9xbe-bp4w-eqha","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'show' parameter value in the view frame (frame.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7330","reference_id":"","reference_type":"","scores":[{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49906","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.50041","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7330"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7330"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9xbe-bp4w-eqha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207413?format=json","vulnerability_id":"VCID-a1k2-vucc-8ygy","summary":"Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the 'filter[Name]' (aka Filter name) value on the web page without applying any proper filtration.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7344","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7344"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7344","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7344"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7344"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a1k2-vucc-8ygy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207415?format=json","vulnerability_id":"VCID-aet5-4ybv-tug1","summary":"A CSRF check issue exists in ZoneMinder through 1.32.3 as whenever a CSRF check fails, a callback function is called displaying a \"Try again\" button, which allows resending the failed request, making the CSRF attack successful.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7346","reference_id":"","reference_type":"","scores":[{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34019","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34196","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7346"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7346","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7346"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7346"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aet5-4ybv-tug1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206779?format=json","vulnerability_id":"VCID-apax-feyh-dyeq","summary":"Stored XSS in the Filters page (Name field) in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13072","reference_id":"","reference_type":"","scores":[{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38257","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38431","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13072"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13072"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apax-feyh-dyeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207393?format=json","vulnerability_id":"VCID-bhdr-wh8b-muef","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'scale' parameter value in the view frame (frame.php) via /js/frame.js.php because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7328","reference_id":"","reference_type":"","scores":[{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49906","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.50041","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7328"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7328","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7328"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7328"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhdr-wh8b-muef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207409?format=json","vulnerability_id":"VCID-d8pt-mbmg-z7av","summary":"POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[Query][terms][0][val]' parameter value in the view filter (filter.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7340","reference_id":"","reference_type":"","scores":[{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49906","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.50041","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7340"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7340"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d8pt-mbmg-z7av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207455?format=json","vulnerability_id":"VCID-ec6r-c63x-2fdw","summary":"ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views/control.php groupSql parameter, as demonstrated by a newGroup[MonitorIds][] value.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8428","reference_id":"","reference_type":"","scores":[{"value":"0.00329","scoring_system":"epss","scoring_elements":"0.56212","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00329","scoring_system":"epss","scoring_elements":"0.56332","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8428"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8428","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8428"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-8428"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ec6r-c63x-2fdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207423?format=json","vulnerability_id":"VCID-fgsb-nr36-kkhf","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'state' (aka Run State) (state.php) does no input validation to the value supplied to the 'New State' (aka newState) field, allowing an attacker to execute HTML or JavaScript code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7352","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7352"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7352"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fgsb-nr36-kkhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207389?format=json","vulnerability_id":"VCID-j6sf-45k2-pugj","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as multiple views under web/skins/classic/views insecurely utilize $_REQUEST['PHP_SELF'], without applying any proper filtration.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7325","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7325"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7325"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j6sf-45k2-pugj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207407?format=json","vulnerability_id":"VCID-jjtm-n4qq-jkd3","summary":"Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'group' as it insecurely prints the 'Group Name' value on the web page without applying any proper filtration.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7338","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7338"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7338","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7338"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7338"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jjtm-n4qq-jkd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207411?format=json","vulnerability_id":"VCID-nv78-vmxz-xkfn","summary":"POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[AutoExecuteCmd]' parameter value in the view filter (filter.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7342","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47318","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47458","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7342"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7342"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nv78-vmxz-xkfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207416?format=json","vulnerability_id":"VCID-sfe1-355f-87hz","summary":"A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMinder through 1.32.3 as a session remains active for an authenticated user even after deletion from the users table. This allows a nonexistent user to access and modify records (add/delete Monitors, Users, etc.).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7347","reference_id":"","reference_type":"","scores":[{"value":"0.00553","scoring_system":"epss","scoring_elements":"0.68517","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00553","scoring_system":"epss","scoring_elements":"0.68606","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7347"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7347","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7347"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7347"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sfe1-355f-87hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207418?format=json","vulnerability_id":"VCID-t14a-jbvg-cydq","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'username' parameter value in the view user (user.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7348","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43243","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.434","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7348"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7348"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7348"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t14a-jbvg-cydq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207404?format=json","vulnerability_id":"VCID-v4ug-2ep5-1qgg","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view _monitor_filters.php contains takes in input from the user and saves it into the session, and retrieves it later (insecurely). The values of the MonitorName and Source parameters are being displayed without any output filtration being applied. This relates to the view=cycle value.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7336","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7336"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7336","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7336"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7336"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v4ug-2ep5-1qgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207399?format=json","vulnerability_id":"VCID-v73k-pche-7khs","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'eid' (aka Event ID) parameter value in the view download (download.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7332","reference_id":"","reference_type":"","scores":[{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49906","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.50041","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7332"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7332"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v73k-pche-7khs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207419?format=json","vulnerability_id":"VCID-w7s2-fuwq-k7fr","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[V4LCapturesPerFrame]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7349","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7349"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7349"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7s2-fuwq-k7fr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207390?format=json","vulnerability_id":"VCID-x7f2-cjpj-9ya9","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Host' parameter value in the view console (console.php) because proper filtration is omitted. This relates to the index.php?view=monitor Host Name field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7326","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7326"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7326","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7326"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7326"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x7f2-cjpj-9ya9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207451?format=json","vulnerability_id":"VCID-x83v-tq2x-2ffr","summary":"ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8424","reference_id":"","reference_type":"","scores":[{"value":"0.00329","scoring_system":"epss","scoring_elements":"0.56212","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00329","scoring_system":"epss","scoring_elements":"0.56332","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8424"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8424","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8424"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-8424"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x83v-tq2x-2ffr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207392?format=json","vulnerability_id":"VCID-x9x6-uum2-17fa","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'scale' parameter value in the view frame (frame.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7327","reference_id":"","reference_type":"","scores":[{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49906","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.50041","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7327"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7327","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7327"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7327"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x9x6-uum2-17fa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207398?format=json","vulnerability_id":"VCID-xjrn-5a89-cqcv","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 while editing an existing monitor field named \"signal check color\" (monitor.php). There exists no input validation or output filtration, leaving it vulnerable to HTML Injection and an XSS attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7331","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7331"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7331"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xjrn-5a89-cqcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207408?format=json","vulnerability_id":"VCID-y3ym-yhmt-rbcx","summary":"POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'level' parameter value in the view log (log.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7339","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7339"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7339","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7339"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108630?format=json","purl":"pkg:deb/debian/zoneminder@1.34.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108619?format=json","purl":"pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mvb-5ar4-eycc"},{"vulnerability":"VCID-1n6z-3z6n-ckfb"},{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-7mzc-fq3f-9yb5"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-gdcm-vdnx-4ydw"},{"vulnerability":"VCID-ht9w-7mmm-87d1"},{"vulnerability":"VCID-hx46-n2m8-rfgd"},{"vulnerability":"VCID-j2uu-668p-8ua2"},{"vulnerability":"VCID-js6d-nzff-2yau"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-qjrc-4xd2-r3ak"},{"vulnerability":"VCID-qt3f-7wsd-5bf5"},{"vulnerability":"VCID-sxnn-zasf-cbh7"},{"vulnerability":"VCID-v4kv-zju2-g7a6"},{"vulnerability":"VCID-w9p4-mts5-6ydd"},{"vulnerability":"VCID-wca4-3ggd-xfgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108617?format=json","purl":"pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5p1d-e96m-b7hd"},{"vulnerability":"VCID-8dhk-t9tw-vkae"},{"vulnerability":"VCID-p1wf-u41d-pffx"},{"vulnerability":"VCID-v4kv-zju2-g7a6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108621?format=json","purl":"pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108620?format=json","purl":"pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7339"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y3ym-yhmt-rbcx"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.6-1%3Fdistro=trixie"}