15 matches found
URL Rewrite
zendframework/zend-diactoros is vulnerable to URL Rewrite. The vulnerability is due to marshaling a request URI that includes logic to introspect HTTP request headers specific to a server-side URL rewrite mechanism. The attacker can emulate these headers to request arbitrary content...
Zend-Diactoros URL Rewrite vulnerability
zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...
GHSA-FQ4P-86HH-42V9 Zend-Diactoros URL Rewrite vulnerability
zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...
GHSA-JMMP-VH96-78RM Zend-Feed URL Rewrite vulnerability
zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...
Zend-Feed URL Rewrite vulnerability
zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...
GHSA-CG8W-5JRC-675G Zend-HTTP URL Rewrite vulnerability
zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...
Zend-HTTP URL Rewrite vulnerability
zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...
zend-diactoros Cross-site Scripting (XSS)
Zend/Diactoros/Uri::filterPath in zend-diactoros before 1.0.4 does not properly sanitize path input, which allows remote attackers to perform cross-site scripting XSS or open redirect attacks...
URL Rewrite vulnerability in multiple zendframework components
zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...
Fedora Update for php-zendframework-zend-diactoros FEDORA-2018-dbb0d41078
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for php-zendframework-zend-diactoros FEDORA-2018-4a606489ae
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Drupal Core Multiple Security Vulnerabilities (SA-CORE-2018-005) - Linux
Drupal is prone to multiple security vulnerabilities. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Cross-Site Scripting (XSS)
zend-diactoros is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary javascript through the URI of a generated form...
Zend zend-diactoros has multiple vulnerabilities
Zend Framework is a set of open source PHP5 development framework , it is mainly used for the development of Web programs and services . zend-diactoros is an implementation of PSR-7 HTTP messages . A cross-site scripting vulnerability and an open redirection vulnerability exists in Zend...
Potential XSS and Open Redirect vectors in zend-diactoros
More info at https://framework.zend.com/security/advisory/ZF2015-05...