Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zend zend framework vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2015-7695
The PDO adapters in Zend Framework prior to 1.12.16 do not filer null bytes in SQL statements, which allows remote malicious users to execute arbitrary SQL commands via a crafted query.
Zend Zend Framework
Debian Debian Linux 7.0
Debian Debian Linux 8.0
7.2
CVSSv2
CVE-2015-5723
Doctrine Annotations prior to 1.2.7, Cache prior to 1.3.2 and 1.4.x prior to 1.4.2, Common prior to 2.4.3 and 2.5.x prior to 2.5.1, ORM prior to 2.4.8 or 2.5.x prior to 2.5.1, MongoDB ODM prior to 1.0.2, and MongoDB ODM Bundle prior to 3.0.1 use world-writable permissions for cac...
Zend Zend-cache 2.5.1
Zend Zend-cache 2.5.0
Zend Zend-cache 2.5.2
Zend Zend-cache
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Doctrine-project Object Relational Mapper 2.5.0
Doctrine-project Object Relational Mapper
Doctrine-project Doctrinemongodbbundle 3.0.0
Zend Zend Framework
Doctrine-project Common
Doctrine-project Common 2.5.0
Doctrine-project Annotations
Doctrine-project Mongodb-odm
Doctrine-project Cache 1.4.0
Doctrine-project Cache 1.4.1
Doctrine-project Cache
Zend Zf-apigility-doctrine
1 Github repository
6.8
CVSSv2
CVE-2015-5161
The Zend_Xml_Security::scan in ZendXml prior to 1.0.1 and Zend Framework prior to 1.12.14, 2.x prior to 2.4.6, and 2.5.x prior to 2.5.2, when running under PHP-FPM in a threaded environment, allows remote malicious users to bypass security checks and conduct XML external entity (...
Zend Zend Framework 1.0.0
Zend Zend Framework 1.5.0
Zend Zend Framework 1.5.1
Zend Zend Framework 1.6.1
Zend Zend Framework 1.6.2
Zend Zend Framework 1.7.3
Zend Zend Framework 1.7.4
Zend Zend Framework 1.8.0
Zend Zend Framework 1.8.1
Zend Zend Framework 1.9.0
Zend Zend Framework 1.9.5
Zend Zend Framework 1.9.6
Zend Zend Framework 1.10.2
Zend Zend Framework 1.10.3
Zend Zend Framework 1.11.0
Zend Zend Framework 1.11.6
Zend Zend Framework 1.11.7
Zend Zend Framework 1.11.8
Zend Zend Framework 1.12.0
Zend Zend Framework 1.12.5
Zend Zend Framework 1.12.6
Zend Zend Framework 2.0.0
2 EDB exploits
6.4
CVSSv2
CVE-2014-2681
Zend Framework 1 (ZF1) prior to 1.12.4, Zend Framework 2 prior to 2.1.6 and 2.2.x prior to 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure prior to 2.0.2, ZendService_Amazo...
Zend Zendrest
Zend Zend Framework
Zend Zendservice Slideshare
Zend Zendservice Api
Zend Zendservice Audioscrobbler
Zend Zendservice Amazon
Zend Zendservice Technorati
Zend Zendservice Windowsazure
Zend Zendopenid
Zend Zendservice Nirvanix
6.8
CVSSv2
CVE-2014-2682
Zend Framework 1 (ZF1) prior to 1.12.4, Zend Framework 2 prior to 2.1.6 and 2.2.x prior to 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure prior to 2.0.2, ZendService_Amazo...
Zend Zendrest
Zend Zend Framework
Zend Zendservice Slideshare
Zend Zendservice Api
Zend Zendservice Audioscrobbler
Zend Zendservice Amazon
Zend Zendservice Technorati
Zend Zendservice Windowsazure
Zend Zendopenid
Zend Zendservice Nirvanix
5
CVSSv2
CVE-2014-2683
Zend Framework 1 (ZF1) prior to 1.12.4, Zend Framework 2 prior to 2.1.6 and 2.2.x prior to 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure prior to 2.0.2, ZendService_Amazo...
Zend Zendrest
Zend Zend Framework
Zend Zendservice Slideshare
Zend Zendservice Api
Zend Zendservice Audioscrobbler
Zend Zendservice Amazon
Zend Zendservice Technorati
Zend Zendservice Windowsazure
Zend Zendopenid
Zend Zendservice Nirvanix
6.4
CVSSv2
CVE-2014-2684
The GenericConsumer class in the Consumer component in ZendOpenId prior to 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 prior to 1.12.4 does not verify that the openid_op_endpoint value identifies the same Identity Provider as the provider used in the association ...
Zend Zendopenid
Zend Zend Framework
5
CVSSv2
CVE-2014-8088
The (1) Zend_Ldap class in Zend prior to 1.12.9 and (2) Zend\Ldap component in Zend 2.x prior to 2.2.8 and 2.3.x prior to 2.3.3 allows remote malicious users to bypass authentication via a password starting with a null byte, which triggers an unauthenticated bind.
Zend Zend Framework
Zend Zend Framework 1.12.0
Zend Zend Framework 2.01
Zend Zend Framework 2.0.0
Zend Zend Framework 1.12.5
Zend Zend Framework 1.12.3
Zend Zend Framework 2.2.3
Zend Zend Framework 2.3.2
Zend Zend Framework 2.3.1
Zend Zend Framework 2.2.5
Zend Zend Framework 2.2.6
Zend Zend Framework 2.2.7
Zend Zend Framework 1.12.2
Zend Zend Framework 1.12.1
Zend Zend Framework 2.2.2
Zend Zend Framework 2.2.4
Zend Zend Framework 2.3.0
7.5
CVSSv2
CVE-2014-2685
The GenericConsumer class in the Consumer component in ZendOpenId prior to 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 prior to 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remote malicious users to bypas...
Zend Zend Framework 1.9.7
Zend Zend Framework 1.9.6
Zend Zend Framework 1.9.0
Zend Zend Framework 1.8.1
Zend Zend Framework 1.8.0
Zend Zend Framework 1.7.5
Zend Zend Framework 1.7.4
Zend Zend Framework 1.7.0
Zend Zend Framework 1.6.2
Zend Zend Framework 1.6.1
Zend Zend Framework 1.5.1
Zend Zend Framework 1.5.0
Zend Zend Framework 1.12.0
Zend Zend Framework 1.11.7
Zend Zend Framework 1.11.6
Zend Zend Framework 1.9.5
Zend Zend Framework 1.9.4
Zend Zend Framework 1.8.5
Zend Zend Framework 1.7.3
Zend Zend Framework 1.6.0
Zend Zend Framework 1.12.2
Zend Zend Framework 1.11.5
5
CVSSv2
CVE-2012-5657
The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x prior to 1.11.15 and 1.12.x prior to 1.12.1 allow remote malicious users to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and mem...
Zend Zend Framework 1.11.10
Zend Zend Framework 1.11.11
Zend Zend Framework 1.11.12
Zend Zend Framework 1.11.13
Zend Zend Framework 1.11.2
Zend Zend Framework 1.11.3
Zend Zend Framework 1.11.4
Zend Zend Framework 1.11.5
Zend Zend Framework 1.11.1
Zend Zend Framework 1.11.6
Zend Zend Framework 1.11.8
Zend Zend Framework 1.11.0
Zend Zend Framework 1.11.7
Zend Zend Framework 1.11.9
Zend Zend Framework 1.12.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »