Vulnerabilities for zendframework1

Vulnerabilities for products matching "zendframework1"

Found 2 matching products. Filters apply to all results.

You can search for specific versions with /product/zendframework1/1.2.3

zendframework / zendframework1

21 vulnerabilities found

Title	Severity	Date	Affected Version
Zendframework1 Potential SQL injection in ORDER and GROUP functions	Critical	June 7, 2024 6/7/24	< 1.12.20
Zendframework Potential Information Disclosure and Insufficient Entropy vulnerability	High	June 7, 2024 6/7/24	>= 1.12.0 < 1.12.17
ZendFramework1 Potential Insufficient Entropy Vulnerability	High	June 7, 2024 6/7/24	>= 1.12.0 < 1.12.18
Zendframework1 potential SQL injection vector using null byte for PDO (MsSql, SQLite)	Critical	June 7, 2024 6/7/24	>= 1.12.0 < 1.12.16
ZendFramework1 Potential SQL injection in the ORDER implementation of Zend_Db_Select	Critical	June 7, 2024 6/7/24	>= 1.12.0 < 1.12.7
Zendframework potential security issue in login mechanism	High	June 7, 2024 6/7/24	>= 1.12.0 < 1.12.4
Zend_Filter_StripTags vulnerable to Cross-site Scripting when comments allowed	Medium	June 7, 2024 6/7/24	>= 1.7.0 < 1.7.9 >= 1.8.0 < 1.8.5 >= 1.9.0 < 1.9.7
Zendframework potential Cross-site Scripting vector in `Zend_Service_ReCaptcha_MailHide`	Medium	June 7, 2024 6/7/24	>= 1.7.0 < 1.7.9 >= 1.8.0 < 1.8.5 >= 1.9.0 < 1.9.7
Zendframework Potential XSS or HTML Injection vector in Zend_Json	Medium	June 7, 2024 6/7/24	>= 1.7.0 < 1.7.9 >= 1.8.0 < 1.8.5 >= 1.9.0 < 1.9.7
ZendFramework1 Potential Security Issues in Bundled Dojo Library	Medium	June 7, 2024 6/7/24	>= 1.9.0 < 1.9.8 >= 1.10.0 < 1.10.3
Zendframework Local file disclosure via XXE injection in Zend_XmlRpc	High	June 7, 2024 6/7/24	>= 1.0.0 < 1.11.13
Zendframework Denial of Service vector via XEE injection	High	June 7, 2024 6/7/24	>= 1.0.0 < 1.11.13
ZendFramework Cross-site Scripting vector in `Zend_Filter_StripTags`	Medium	June 7, 2024 6/7/24	>= 1.7.0 < 1.7.6
ZendFramework Potential Cross-site Scripting in Development Environment Error View Script	Medium	June 7, 2024 6/7/24	>= 1.0.0 < 1.11.4
ZendFramework potential XML eXternal Entity injection vectors	Critical	June 7, 2024 6/7/24	>= 1.12.0 < 1.12.4
ZendFramework potential XML eXternal Entity injection vectors	High	June 7, 2024 6/7/24	>= 1.11.0 < 1.11.15 >= 1.12.0 < 1.12.1
ZendFramework potential Cross-site Scripting vectors due to inconsistent encodings	Medium	June 7, 2024 6/7/24	>= 1.9.0 < 1.9.7
ZendFramework potential SQL Injection Vector When Using PDO_MySql	Critical	June 7, 2024 6/7/24	>= 1.10.0 < 1.10.9 >= 1.11.0 < 1.11.6
ZendFramework potential Cross-site Scripting vector in `Zend_Dojo_View_Helper_Editor`	Medium	June 7, 2024 6/7/24	>= 1.7.0 < 1.7.9 >= 1.8.0 < 1.8.5 >= 1.9.0 < 1.9.7
ZendFramework local file inclusion vector in `Zend_View::setScriptPath()` and `render()`	High	June 7, 2024 6/7/24	>= 1.7.0 < 1.7.5
CVE-2014-8089	Critical	February 17, 2020 2/17/20	>= 1.12.0 < 1.12.9

Showing vulnerabilities for 2 products matching "zendframework1". Each product has independent pagination.

Vulnerability Database

318,250

Vulnerabilities for products matching "zendframework1"

zendframework / zendframework1

Deep Security Visibility Without the Complexity