{"id":"CVE-2008-1381","details":"ZoneMinder before 1.23.3 allows remote authenticated users, and possibly unauthenticated attackers in some installations, to execute arbitrary commands via shell metacharacters in a crafted URL.","modified":"2026-04-10T03:39:44.722208Z","published":"2008-05-01T19:05:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/29995"},{"type":"ADVISORY","url":"http://secunia.com/advisories/30189"},{"type":"ARTICLE","url":"http://www.awe.com/mark/blog/200804272230.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/28968"},{"type":"WEB","url":"http://www.zoneminder.com/wiki/index.php/Change_History#Release_1.23.3"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42046"},{"type":"WEB","url":"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00078.html"},{"type":"WEB","url":"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00085.html"}],"schema_version":"1.7.5"}