Full title: ZoneMinder Language Settings Remote Code Execution Exploit 
Category: remote exploits
Platform: php
This Metasploit module exploits an arbitrary file write in the debug log file option chained with a path traversal in the language settings that leads to remote code execution in ZoneMinder surveillance software versions before 1.36.13 and before 1.37.11

# 0day.today @ http://0day.today/