UBUNTU-CVE-2016-6233

The 1 order and 2 group methods in ZendDbSelect in the Zend Framework before 1.12.19 might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern \w in a regular expression...

Zend Framework SQL Injection Vulnerability

Zend Framework ZF is the United States Zend company developed a set of open source PHP5 development framework. A SQL injection vulnerability exists in versions of ZF prior to 1.12.19, which can be exploited by attackers to compromise an application, access or modify data, or exploit potential...