CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-10201

Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.7%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2016-10201

Zoneminder » Zoneminder » Version: N/A

cpe:2.3:a:zoneminder:zoneminder:-
Zoneminder » Zoneminder » Version: 1.25

cpe:2.3:a:zoneminder:zoneminder:1.25
Zoneminder » Zoneminder » Version: 1.26

cpe:2.3:a:zoneminder:zoneminder:1.26
Zoneminder » Zoneminder » Version: 1.26.0

cpe:2.3:a:zoneminder:zoneminder:1.26.0
Zoneminder » Zoneminder » Version: 1.26.1

cpe:2.3:a:zoneminder:zoneminder:1.26.1
Zoneminder » Zoneminder » Version: 1.26.2

cpe:2.3:a:zoneminder:zoneminder:1.26.2
Zoneminder » Zoneminder » Version: 1.26.3

cpe:2.3:a:zoneminder:zoneminder:1.26.3
Zoneminder » Zoneminder » Version: 1.26.4

cpe:2.3:a:zoneminder:zoneminder:1.26.4
Zoneminder » Zoneminder » Version: 1.26.5

cpe:2.3:a:zoneminder:zoneminder:1.26.5
Zoneminder » Zoneminder » Version: 1.27.0

cpe:2.3:a:zoneminder:zoneminder:1.27.0
Zoneminder » Zoneminder » Version: 1.28.0

cpe:2.3:a:zoneminder:zoneminder:1.28.0
Zoneminder » Zoneminder » Version: 1.28.1

cpe:2.3:a:zoneminder:zoneminder:1.28.1
Zoneminder » Zoneminder » Version: 1.29.0

cpe:2.3:a:zoneminder:zoneminder:1.29.0
Zoneminder » Zoneminder » Version: 1.30.0

cpe:2.3:a:zoneminder:zoneminder:1.30.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-10201

Products

Pricing

Contact Us