Lucene search
+L

4 matches found

OSV
OSV
added 2024/06/07 10:28 p.m.22 views

GHSA-3X57-M5P4-RGH4 ZendOpenID potential security issue in login mechanism

Using the Consumer component of ZendOpenId or ZendOpenId in ZF1, it is possible to login using an arbitrary OpenID account without knowing any secret information by using a malicious OpenID Provider. That means OpenID it is possible to login using arbitrary OpenID Identity MyOpenID, Google, etc,...

7.5CVSS7.2AI score
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/06/07 10:28 p.m.14 views

ZendOpenID potential security issue in login mechanism

Using the Consumer component of ZendOpenId or ZendOpenId in ZF1, it is possible to login using an arbitrary OpenID account without knowing any secret information by using a malicious OpenID Provider. That means OpenID it is possible to login using arbitrary OpenID Identity MyOpenID, Google, etc,...

7.2AI score
Exploits0References5Affected Software1
OSV
OSV
added 2024/06/07 10:24 p.m.14 views

GHSA-9V78-H226-2RMQ Zendframework potential security issue in login mechanism

Using the Consumer component of ZendOpenId or ZendOpenId in ZF1, it is possible to login using an arbitrary OpenID account without knowing any secret information by using a malicious OpenID Provider. That means OpenID it is possible to login using arbitrary OpenID Identity MyOpenID, Google, etc,...

7.5CVSS7.2AI score
Exploits0References3
OSV
OSV
added 2014/04/03 12:43 a.m.10 views

MGASA-2014-0151 Updated php-ZendFramework packages fix multiple vulnerabilities

Updated php-ZendFramework packages fix security vulnerabilities: XML eXternal Entity XXE and XML Entity Expansion XEE flaws were discovered in the Zend Framework. An attacker could use these flaws to cause a denial of service, access files accessible to the server process, or possibly perform oth...

7.5CVSS9.5AI score0.02802EPSS
Exploits0References7
Rows per page
Query Builder