SQL injection vulnerability in Zend Framework prior to 1.12.9, 2.2.x prior to 2.2.8, and 2.3.x prior to 2.3.3, when using the sqlsrv PHP extension, allows remote malicious users to execute arbitrary SQL commands via a null byte.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zend zend framework |
||
redhat enterprise linux 6.0 |
||
redhat enterprise linux 7.0 |
||
fedoraproject fedora 19 |
||
fedoraproject fedora 20 |
||
fedoraproject fedora 21 |