CVEs-PoC/2016/CVE-2016-10140.md at ef999830cefac409bd2be04bf317a47573d9dfe5

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 19:17:37 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server configuration bundled with ZoneMinder v1.30 and v1.29, which allows a remote unauthenticated attacker to browse all directories in the web root, e.g., a remote unauthenticated attacker can view all CCTV images on the server via the /events URI.

POC

Reference

http://seclists.org/bugtraq/2017/Feb/6
http://seclists.org/bugtraq/2017/Feb/6
http://seclists.org/fulldisclosure/2017/Feb/11
http://seclists.org/fulldisclosure/2017/Feb/11

Github

https://github.com/asaotomo/CVE-2016-10140-Zoneminder-Poc

967 B Raw Blame History

CVE-2016-10140

Description

POC

Reference

Github

967 B

Raw Blame History