Description of CVE-2024-51482 (Boolean-based SQL Injection in ZoneMinder)
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37.* <= 1.37.64 is vulnerable to boolean-based SQL Injection in function of web/ajax/event.php. This is fixed in 1.37.65.
CVE-2024-51482 is a critical security vulnerability affecting ZoneMinder, a popular open-source video surveillance software application. This flaw exists in versions 1.37.0 through 1.37.63 and allows attackers to inject malicious SQL code through the web/ajax/event.php function.
