3 matches found
CVE-2015-0270
Zend Framework versions affected: <2.2.10, with a potential SQL injection in the PostgreSQL Zend\Db adapter. Root cause: improper handling/validation in the Zend\Db adapter leading to injectable SQL when interacting with PostgreSQL. Impact: potential disclosure or modification of data via ...
CVE-2009-4417
The CVE concerns Zend Framework’s Zend_Log_Writer_Mail shutdown function. The affected component is Zend Framework (ZF) – specifically Zend_Log_Writer_Mail – where the shutdown() path allows context-dependent attackers to cause arbitrary e-mails to be sent to any recipient via vectors related to “eve...
CVE-2011-3825
Zend Framework 1.11.3 in Zend Server CE 5.1.0 is affected. A vulnerability allows remote attackers to disclose sensitive information by directly requesting a .php file, which reveals the installation path in an error message (as demonstrated by Validate.php and related files). The description fro...