Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zend zend framework vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2015-0270
Zend Framework prior to 2.2.10 and 2.3.x prior to 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter.
Zend Framework
668
VMScore
CVE-2014-4914
The Zend_Db_Select::order function in Zend Framework prior to 1.12.7 does not properly handle parentheses, which allows remote malicious users to conduct SQL injection attacks via unspecified vectors.
Zend Zend Framework
Debian Debian Linux 8.0
Debian Debian Linux 7.0
668
VMScore
CVE-2016-6233
The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework prior to 1.12.19 might allow remote malicious users to conduct SQL injection attacks via vectors related to use of the character pattern [\w]* in a regular expression.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Zend Zend Framework
668
VMScore
CVE-2016-4861
The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework prior to 1.12.20 might allow remote malicious users to conduct SQL injection attacks by leveraging failure to remove comments from an SQL statement before validation.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Zend Zend Framework
668
VMScore
CVE-2015-7695
The PDO adapters in Zend Framework prior to 1.12.16 do not filer null bytes in SQL statements, which allows remote malicious users to execute arbitrary SQL commands via a crafted query.
Zend Zend Framework
Debian Debian Linux 8.0
Debian Debian Linux 7.0
668
VMScore
CVE-2014-2685
The GenericConsumer class in the Consumer component in ZendOpenId prior to 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 prior to 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remote malicious users to bypas...
Zend Zend Framework 1.10.6
Zend Zend Framework 1.10.0
Zend Zend Framework 1.12.0
Zend Zend Framework 1.11.0
Zend Zend Framework 1.10.3
Zend Zend Framework 1.11.4
Zend Zend Framework 1.7.4
Zend Zend Framework 1.7.5
Zend Zend Framework 1.10.5
Zend Zend Framework 1.11.11
Zend Zend Framework 1.10.8
Zend Zend Framework 1.12.2
Zend Zend Framework 1.5.0
Zend Zend Framework 1.9.6
Zend Zend Framework 1.8.3
Zend Zend Framework 1.7.6
Zend Zend Framework 1.8.0
Zend Zend Framework 1.11.5
Zend Zend Framework 1.8.4
Zend Zend Framework 1.7.2
Zend Zend Framework 1.0.0
Zend Zend Framework 1.6.0
668
VMScore
CVE-2009-4137
The loadContentFromCookie function in core/Cookie.php in Piwik prior to 0.5 does not validate strings obtained from cookies before calling the unserialize function, which allows remote malicious users to execute arbitrary code or upload arbitrary files via vectors related to the ...
Matomo Matomo 0.2.25
Matomo Matomo 0.2.26
Matomo Matomo 0.2.27
Matomo Matomo 0.2.28
Matomo Matomo 0.2.29
Matomo Matomo 0.2.30
Matomo Matomo 0.2.31
Matomo Matomo 0.2.32
668
VMScore
CVE-2007-1889
Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote malicious users to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and ...
Php Php 5.2.0
645
VMScore
CVE-2012-3363
Zend_XmlRpc in Zend Framework 1.x prior to 1.11.12 and 1.12.x prior to 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote malicious users to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-R...
Zend Zend Framework 1.12.0
Zend Zend Framework
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Debian Debian Linux 6.0
1 EDB exploit
641
VMScore
CVE-2015-5723
Doctrine Annotations prior to 1.2.7, Cache prior to 1.3.2 and 1.4.x prior to 1.4.2, Common prior to 2.4.3 and 2.5.x prior to 2.5.1, ORM prior to 2.4.8 or 2.5.x prior to 2.5.1, MongoDB ODM prior to 1.0.2, and MongoDB ODM Bundle prior to 3.0.1 use world-writable permissions for cac...
Zend Zend-cache 2.5.1
Zend Zend-cache 2.5.0
Zend Zend-cache 2.5.2
Zend Zend-cache
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Doctrine-project Object Relational Mapper 2.5.0
Doctrine-project Object Relational Mapper
Doctrine-project Doctrinemongodbbundle 3.0.0
Zend Zend Framework
Doctrine-project Common
Doctrine-project Common 2.5.0
Doctrine-project Annotations
Doctrine-project Mongodb-odm
Doctrine-project Cache 1.4.0
Doctrine-project Cache 1.4.1
Doctrine-project Cache
Zend Zf-apigility-doctrine
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
remote code execution
CVE-2024-37080
CVE-2024-5182
CVE-2024-4390
CVE-2024-6100
brute force
CVE-2021-47581
file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »