Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zend framework 1.11.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3825
Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files.
Zend Framework 1.11.3
Zend Server 5.1.0
NA
CVE-2012-5657
The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x prior to 1.11.15 and 1.12.x prior to 1.12.1 allow remote malicious users to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and mem...
Zend Zend Framework 1.11.10
Zend Zend Framework 1.11.11
Zend Zend Framework 1.11.12
Zend Zend Framework 1.11.13
Zend Zend Framework 1.11.2
Zend Zend Framework 1.11.3
Zend Zend Framework 1.11.4
Zend Zend Framework 1.11.5
Zend Zend Framework 1.11.1
Zend Zend Framework 1.11.6
Zend Zend Framework 1.11.8
Zend Zend Framework 1.11.0
Zend Zend Framework 1.11.7
Zend Zend Framework 1.11.9
Zend Zend Framework 1.12.0
NA
CVE-2012-6531
(1) Zend_Dom, (2) Zend_Feed, and (3) Zend_Soap in Zend Framework 1.x prior to 1.11.13 and 1.12.x prior to 1.12.0 do not properly handle SimpleXMLElement classes, which allow remote malicious users to read arbitrary files or create TCP connections via an external entity reference ...
Zend Zend Framework 1.6.0
Zend Zend Framework 1.6.1
Zend Zend Framework 1.6.2
Zend Zend Framework 1.7.0
Zend Zend Framework 1.7.1
Zend Zend Framework 1.8.4
Zend Zend Framework 1.8.5
Zend Zend Framework 1.9.0
Zend Zend Framework 1.9.1
Zend Zend Framework 1.10.6
Zend Zend Framework 1.10.7
Zend Zend Framework 1.10.8
Zend Zend Framework 1.11.0
Zend Zend Framework 1.12.0
Zend Zend Framework 1.5.0
Zend Zend Framework 1.5.2
Zend Zend Framework 1.7.2
Zend Zend Framework 1.7.4
Zend Zend Framework 1.8.1
Zend Zend Framework 1.8.3
Zend Zend Framework 1.9.2
Zend Zend Framework 1.9.4
NA
CVE-2012-6532
(1) Zend_Dom, (2) Zend_Feed, (3) Zend_Soap, and (4) Zend_XmlRpc in Zend Framework 1.x prior to 1.11.13 and 1.12.x prior to 1.12.0 allow remote malicious users to cause a denial of service (CPU consumption) via recursive or circular references in an XML entity definition in an XML...
Zend Zend Framework 1.0.4
Zend Zend Framework 1.7.0
Zend Zend Framework 1.7.1
Zend Zend Framework 1.7.8
Zend Zend Framework 1.7.9
Zend Zend Framework 1.9.0
Zend Zend Framework 1.9.1
Zend Zend Framework 1.10.0
Zend Zend Framework 1.10.1
Zend Zend Framework 1.10.8
Zend Zend Framework 1.11.0
Zend Zend Framework 1.5.0
Zend Zend Framework 1.5.1
Zend Zend Framework 1.5.2
Zend Zend Framework 1.7.2
Zend Zend Framework 1.7.3
Zend Zend Framework 1.8.0
Zend Zend Framework 1.8.1
Zend Zend Framework 1.9.2
Zend Zend Framework 1.9.3
Zend Zend Framework 1.9.4
Zend Zend Framework 1.10.2
NA
CVE-2014-2685
The GenericConsumer class in the Consumer component in ZendOpenId prior to 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 prior to 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remote malicious users to bypas...
Zend Zend Framework 1.9.7
Zend Zend Framework 1.9.6
Zend Zend Framework 1.9.0
Zend Zend Framework 1.8.1
Zend Zend Framework 1.8.0
Zend Zend Framework 1.7.5
Zend Zend Framework 1.7.4
Zend Zend Framework 1.7.0
Zend Zend Framework 1.6.2
Zend Zend Framework 1.6.1
Zend Zend Framework 1.5.1
Zend Zend Framework 1.5.0
Zend Zend Framework 1.12.0
Zend Zend Framework 1.11.7
Zend Zend Framework 1.11.6
Zend Zend Framework 1.9.5
Zend Zend Framework 1.9.4
Zend Zend Framework 1.8.5
Zend Zend Framework 1.7.3
Zend Zend Framework 1.6.0
Zend Zend Framework 1.12.2
Zend Zend Framework 1.11.5
NA
CVE-2015-5161
The Zend_Xml_Security::scan in ZendXml prior to 1.0.1 and Zend Framework prior to 1.12.14, 2.x prior to 2.4.6, and 2.5.x prior to 2.5.2, when running under PHP-FPM in a threaded environment, allows remote malicious users to bypass security checks and conduct XML external entity (...
Zend Zend Framework 1.0.0
Zend Zend Framework 1.5.0
Zend Zend Framework 1.5.1
Zend Zend Framework 1.6.1
Zend Zend Framework 1.6.2
Zend Zend Framework 1.7.3
Zend Zend Framework 1.7.4
Zend Zend Framework 1.8.0
Zend Zend Framework 1.8.1
Zend Zend Framework 1.9.0
Zend Zend Framework 1.9.5
Zend Zend Framework 1.9.6
Zend Zend Framework 1.10.2
Zend Zend Framework 1.10.3
Zend Zend Framework 1.11.0
Zend Zend Framework 1.11.6
Zend Zend Framework 1.11.7
Zend Zend Framework 1.11.8
Zend Zend Framework 1.12.0
Zend Zend Framework 1.12.5
Zend Zend Framework 1.12.6
Zend Zend Framework 2.0.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started