| Title |
Severity |
Exploit |
Date |
Affected Version |
|
Zendframework Local file disclosure via XXE injection in Zend_XmlRpc
|
High
|
|
Jun 7, 2024
|
>= 1.0.0 < 1.11.13
|
|
Zendframework Denial of Service vector via XEE injection
|
High
|
|
Jun 7, 2024
|
>= 1.0.0 < 1.11.13
|
|
ZendFramework Cross-site Scripting vector in `Zend_Filter_StripTags`
|
Medium
|
|
Jun 7, 2024
|
>= 1.7.0 < 1.7.6
|
|
ZendFramework Potential Cross-site Scripting in Development Environment Error View Script
|
Medium
|
|
Jun 7, 2024
|
>= 1.0.0 < 1.11.4
|
|
ZendFramework potential XML eXternal Entity injection vectors
|
Critical
|
|
Jun 7, 2024
|
>= 1.12.0 < 1.12.4
|
|
ZendFramework potential XML eXternal Entity injection vectors
|
High
|
|
Jun 7, 2024
|
>= 1.11.0 < 1.11.15
>= 1.12.0 < 1.12.1
|
|
ZendFramework potential Cross-site Scripting vectors due to inconsistent encodings
|
Medium
|
|
Jun 7, 2024
|
>= 1.9.0 < 1.9.7
|
|
ZendFramework potential SQL Injection Vector When Using PDO_MySql
|
Critical
|
|
Jun 7, 2024
|
>= 1.10.0 < 1.10.9
>= 1.11.0 < 1.11.6
|
|
ZendFramework potential Cross-site Scripting vector in `Zend_Dojo_View_Helper_Editor`
|
Medium
|
|
Jun 7, 2024
|
>= 1.7.0 < 1.7.9
>= 1.8.0 < 1.8.5
>= 1.9.0 < 1.9.7
|
|
ZendFramework local file inclusion vector in `Zend_View::setScriptPath()` and `render()`
|
High
|
|
Jun 7, 2024
|
>= 1.7.0 < 1.7.5
|
zendframework / zendframework1