| Title |
Severity |
Exploit |
Date |
Affected Version |
|
Zendframework1 Potential SQL injection in ORDER and GROUP functions
|
Critical
|
|
Jun 7, 2024
|
< 1.12.20
|
|
Zendframework Potential Information Disclosure and Insufficient Entropy vulnerability
|
High
|
|
Jun 7, 2024
|
>= 1.12.0 < 1.12.17
|
|
ZendFramework1 Potential Insufficient Entropy Vulnerability
|
High
|
|
Jun 7, 2024
|
>= 1.12.0 < 1.12.18
|
|
Zendframework1 potential SQL injection vector using null byte for PDO (MsSql, SQLite)
|
Critical
|
|
Jun 7, 2024
|
>= 1.12.0 < 1.12.16
|
|
ZendFramework1 Potential SQL injection in the ORDER implementation of Zend_Db_Select
|
Critical
|
|
Jun 7, 2024
|
>= 1.12.0 < 1.12.7
|
|
Zendframework potential security issue in login mechanism
|
High
|
|
Jun 7, 2024
|
>= 1.12.0 < 1.12.4
|
|
Zend_Filter_StripTags vulnerable to Cross-site Scripting when comments allowed
|
Medium
|
|
Jun 7, 2024
|
>= 1.7.0 < 1.7.9
>= 1.8.0 < 1.8.5
>= 1.9.0 < 1.9.7
|
|
Zendframework potential Cross-site Scripting vector in `Zend_Service_ReCaptcha_MailHide`
|
Medium
|
|
Jun 7, 2024
|
>= 1.7.0 < 1.7.9
>= 1.8.0 < 1.8.5
>= 1.9.0 < 1.9.7
|
|
Zendframework Potential XSS or HTML Injection vector in Zend_Json
|
Medium
|
|
Jun 7, 2024
|
>= 1.7.0 < 1.7.9
>= 1.8.0 < 1.8.5
>= 1.9.0 < 1.9.7
|
|
ZendFramework1 Potential Security Issues in Bundled Dojo Library
|
Medium
|
|
Jun 7, 2024
|
>= 1.9.0 < 1.9.8
>= 1.10.0 < 1.10.3
|
zendframework / zendframework1