Critical severity9.9NVD Advisory· Published Oct 31, 2024· Updated Apr 15, 2026

CVE-2024-51482

Description

ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37.* <= 1.37.64 is vulnerable to boolean-based SQL Injection in function of web/ajax/event.php. This is fixed in 1.37.65.

Patches

6a2b1b034157

https://github.com/zoneminder/zonemindervia osv

9e7d31841ed9

https://github.com/zoneminder/zonemindervia osv

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/ZoneMinder/zoneminder/commit/9e7d31841ed9678a7dd06869037686fc9925e59fnvd
github.com/ZoneMinder/zoneminder/security/advisories/GHSA-qm8h-3xvf-m7j3nvd

News mentions

No linked articles in our index yet.

cvss	0.643
epss	0.041
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000