Lucene search
GoogleOSV:GHSA-2HVH-C5C2-VJ85HistoryMay 17, 2022 - 3:44 a.m.
Zend Framework SQL injection vector using null byte for PDO
2022-05-1703:44:23
Google
osv.dev
4
The PDO adapters in Zend Framework before 1.12.16 do not filer null bytes in SQL statements, which allows remote attackers to execute arbitrary SQL commands via a crafted query.
References
framework.zend.com/security/advisory/ZF2015-08
www.debian.org/security/2015/dsa-3369
www.openwall.com/lists/oss-security/2015/09/30/6
www.openwall.com/lists/oss-security/2015/09/30/8
www.openwall.com/lists/oss-security/2015/10/11/3
www.securityfocus.com/bid/76784
github.com/zendframework/zf1
nvd.nist.gov/vuln/detail/CVE-2015-7695
Related
nvd
nvd
CVE-2015-7695
2016-06-07 14:06:10
cve
cve
CVE-2015-7695
2016-06-07 14:06:10
nessus
nessus
Debian DLA-326-1 : zendframework security update
2015-10-16 00:00:00
FreeBSD : ZendFramework1 -- SQL injection vulnerability (d3324fdb-6bf0-11e5-bc5e-00505699053e)
2015-10-07 00:00:00
Debian DSA-3369-1 : zendframework - security update
2015-10-07 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-326-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-3369-1)
2015-10-05 00:00:00
github
github
Zend Framework SQL injection vector using null byte for PDO
2022-05-17 03:44:23
f5
f5
SOL06430416 - Zend Framework vulnerability CVE-2015-7695
2016-09-09 00:00:00
K06430416 : Zend Framework vulnerability CVE-2015-7695
2016-09-09 00:00:00
veracode
veracode
SQL Injection
2017-07-26 02:57:56
prion
prion
Sql injection
2016-06-07 14:06:00
cvelist
cvelist
CVE-2015-7695
2016-06-07 14:00:00
ubuntucve
ubuntucve
CVE-2015-7695
2016-06-07 00:00:00
debian
debian
[SECURITY] [DLA 326-1] zendframework security update
2015-10-15 21:07:52
freebsd
freebsd
ZendFramework1 -- SQL injection vulnerability
2015-09-15 00:00:00
osv
osv
zendframework - security update
2015-10-15 00:00:00