267 matches found
Insufficient Entropy In Random Number Generation
zendframework/zendframework1 is vulnerable to insufficient entropy in random number generation. The vulnerability is due to the use of `rand` or `mt_rand`, which cannot generate cryptographically secure values, leading to potential information disclosure should an attacker be able to brute force the...
SQL Injection
zendframework/zendframework1 is vulnerable to SQL Injection. The vulnerability is due to the improper handling of SQL expressions and comments in the ORDER BY and GROUP BY clauses. Attackers can exploit this vulnerability by injecting malicious SQL code that can alter the intended SQL query and...
URL Rewrite
zendframework/zendframework is vulnerable to URL Rewrite. The vulnerability is due to the request URI marshaling logic that introspects HTTP request headers specific to server-side URL rewrite mechanisms. When these headers are present on systems not running the specific URL rewriting mechanism,...
Cross-site Scripting (XSS)
zendframework/zendframework is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to view helpers using escapeHtml instead of escapeHtmlAttr to escape HTML attributes, which can lead to potential XSS attack vectors when user data or JavaScript is used...
Session Fixation
zendframework/zendframework is vulnerable to Session Fixation. The vulnerability is due to session validators not working as expected if set prior to the start of a session...
Cross-site Scripting (XSS)
zendframework/zendframework is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to not using context-appropriate escaping mechanisms with Zend\Escaper when escaping HTML, HTML attributes, and/or URLs, which could potentially be exploited to perform XSS attacks...
Cross-Site Scripting (XSS)
zendframework/zend-navigation is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to the use of the escapeHtml view helper instead of escapeHtmlAttr, leading to improper HTML attribute escaping...
Sensitive Information Disclosure
zendframework/zend-developer-tools is vulnerable to Sensitive Information Disclosure. The vulnerability is due to a change made during the update to support PHP 7.3 that potentially prevents toolbar entries, which are enabled by default, from being disabled. The attacker can exploit this by...
Cross-site Scripting (XSS)
zendframework/zend-view is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to many view helpers using escapeHtml instead of the more appropriate escapeHtmlAttr for escaping HTML attributes, which can lead to potential XSS attack vectors when user data and/or JavaScript is used to...
Parameter Injection
zendframework/zendframework is vulnerable to Parameter Injection. The vulnerability is due to the way Zend\Mvc\Router\Http\Query captures any query parameters into the RouteMatch, allowing these parameters to override already captured routing parameters and bypass constraints defined in parent...
URL Redirection To Untrusted Site ('Open Redirect')
zendframework/zendframework is vulnerable to improper handling of IP addresses. The vulnerability is due to the class not verifying if the IP address in `$_SERVER['REMOTE_ADDR']` is in the trusted proxy server list before using the X-Forwarded-For header...
GHSA-2X36-QHX3-7M5F ZendFramework1 Potential SQL injection in the ORDER implementation of Zend_Db_Select
The implementation of the ORDER BY SQL statement in Zend_Db_Select of Zend Framework 1 contains a potential SQL injection when the query string passed contains parentheses. For instance, the following code is affected by this issue: `$db = Zend_Db::factory( /* options here */ ); $select = $db->select...`
Zendframework potential security issue in login mechanism
Using the Consumer component of ZendOpenId (or Zend_OpenId in ZF1), it is possible to log in using an arbitrary OpenID account without knowing any secret information by using a malicious OpenID Provider. That means it is possible to log in using an arbitrary OpenID Identity (MyOpenID, Google, etc.),...
GHSA-9V78-H226-2RMQ Zendframework potential security issue in login mechanism
Using the Consumer component of ZendOpenId (or Zend_OpenId in ZF1), it is possible to log in using an arbitrary OpenID account without knowing any secret information by using a malicious OpenID Provider. That means it is possible to log in using an arbitrary OpenID Identity (MyOpenID, Google, etc.),...
GHSA-4V57-PWVF-X35J Zendframework potential Cross-site Scripting vector in `Zend_Service_ReCaptcha_MailHide`
Zend_Service_ReCaptcha_MailHide had a potential XSS vulnerability. Due to the fact that the email address was never validated, and because its use of `htmlentities` did not include the encoding argument, it was potentially possible for a malicious user aware of the issue to inject a specially crafted...
Zendframework potential Cross-site Scripting vector in `Zend_Service_ReCaptcha_MailHide`
Zend_Service_ReCaptcha_MailHide had a potential XSS vulnerability. Due to the fact that the email address was never validated, and because its use of `htmlentities` did not include the encoding argument, it was potentially possible for a malicious user aware of the issue to inject a specially crafted...
Zendframework Potential XSS or HTML Injection vector in Zend_Json
Zend_Json_Encoder was not taking into account the solidus character (`/`) during encoding, leading to incompatibilities with the JSON specification, and opening the potential for XSS or HTML injection attacks when returning HTML within a JSON string...
GHSA-VVM3-RV48-J3G5 Zendframework Potential XSS or HTML Injection vector in Zend_Json
Zend_Json_Encoder was not taking into account the solidus character (`/`) during encoding, leading to incompatibilities with the JSON specification, and opening the potential for XSS or HTML injection attacks when returning HTML within a JSON string...
GHSA-2JX7-XG83-J2M7 Zendframework Denial of Service vector via XEE injection
Zend_Dom, Zend_Feed, Zend_Soap, and Zend_XmlRpc are vulnerable to XML Entity Expansion (XEE) vectors, leading to Denial of Service vectors. XEE attacks occur when the XML DOCTYPE declaration includes XML entity definitions that contain either recursive or circular references; this leads to CPU and memo...
Zendframework Denial of Service vector via XEE injection
Zend_Dom, Zend_Feed, Zend_Soap, and Zend_XmlRpc are vulnerable to XML Entity Expansion (XEE) vectors, leading to Denial of Service vectors. XEE attacks occur when the XML DOCTYPE declaration includes XML entity definitions that contain either recursive or circular references; this leads to CPU and memo...