Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2024-51482

Description

ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37.* <= 1.37.64 is vulnerable to boolean-based SQL Injection in function of web/ajax/event.php. This is fixed in 1.37.65.

POC

Reference

- https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-qm8h-3xvf-m7j3

Github

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/BwithE/CVE-2024-51482

- https://github.com/DymphnaMary/Vulnerability-Assessment-on-an-Open-Source-Monitoring-Application

- https://github.com/EssenceCyber/Exploit-List

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/aadithpreetham/Vulnerability-Assessment-on-an-Open-Source-Monitoring-Application

- https://github.com/fkie-cad/nvd-json-data-feeds

- https://github.com/zulloper/cve-poc