CVE-2016-10204

SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt