CyberSec.Space Logo
Back to CVE Browser

CVE-2008-3882

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0920%
EPSS Percentile7.14th
PublishedSep 2, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Unspecified "Command Injection" vulnerability in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary commands via (1) the executeFilter function in zm_html_view_events.php and (2) the run_state parameter to zm_html_view_state.php.

Affected Platforms (CPE)

πŸ“¦
Zoneminder

Zoneminder

<= 1.23.3
πŸ“¦
Zoneminder

Zoneminder

= 0.0.1
πŸ“¦
Zoneminder

Zoneminder

= 0.9.7
πŸ“¦
Zoneminder

Zoneminder

= 0.9.8
πŸ“¦
Zoneminder

Zoneminder

= 0.9.9
πŸ“¦
Zoneminder

Zoneminder

= 0.9.10
πŸ“¦
Zoneminder

Zoneminder

= 0.9.11
πŸ“¦
Zoneminder

Zoneminder

= 0.9.12
πŸ“¦
Zoneminder

Zoneminder

= 0.9.13
πŸ“¦
Zoneminder

Zoneminder

= 0.9.14
πŸ“¦
Zoneminder

Zoneminder

= 0.9.15
πŸ“¦
Zoneminder

Zoneminder

= 0.9.16
πŸ“¦
Zoneminder

Zoneminder

= 1.17.0
πŸ“¦
Zoneminder

Zoneminder

= 1.17.1
πŸ“¦
Zoneminder

Zoneminder

= 1.17.2
πŸ“¦
Zoneminder

Zoneminder

= 1.18.0
πŸ“¦
Zoneminder

Zoneminder

= 1.18.1
πŸ“¦
Zoneminder

Zoneminder

= 1.19.0
πŸ“¦
Zoneminder

Zoneminder

= 1.19.1
πŸ“¦
Zoneminder

Zoneminder

= 1.19.2
πŸ“¦
Zoneminder

Zoneminder

= 1.19.3
πŸ“¦
Zoneminder

Zoneminder

= 1.19.4
πŸ“¦
Zoneminder

Zoneminder

= 1.19.5
πŸ“¦
Zoneminder

Zoneminder

= 1.20.0
πŸ“¦
Zoneminder

Zoneminder

= 1.20.1
πŸ“¦
Zoneminder

Zoneminder

= 1.21.0
πŸ“¦
Zoneminder

Zoneminder

= 1.21.1
πŸ“¦
Zoneminder

Zoneminder

= 1.21.2
πŸ“¦
Zoneminder

Zoneminder

= 1.21.3
πŸ“¦
Zoneminder

Zoneminder

= 1.21.4
πŸ“¦
Zoneminder

Zoneminder

= 1.22.0
πŸ“¦
Zoneminder

Zoneminder

= 1.22.1
πŸ“¦
Zoneminder

Zoneminder

= 1.22.2
πŸ“¦
Zoneminder

Zoneminder

= 1.22.3
πŸ“¦
Zoneminder

Zoneminder

= 1.23.0
πŸ“¦
Zoneminder

Zoneminder

= 1.23.1
πŸ“¦
Zoneminder

Zoneminder

= 1.23.2

References & Advisories

πŸ”— http://secunia.com/advisories/31636
πŸ”— http://www.securityfocus.com/archive/1/495745/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/30843
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/44728
πŸ”— http://secunia.com/advisories/31636
πŸ”— http://www.securityfocus.com/archive/1/495745/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/30843
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/44728

Related Vulnerabilities

CVE-2019-69919.8

A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1...

CVE-2018-10008329.8

ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of ...

CVE-2018-10008339.8

ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of ...

CVE-2019-84239.8

ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter.