Search for packages
| purl | pkg:composer/zendframework/zendframework1@1.12.7 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2ncq-wptr-k3ha
Aliases: ZF2015-08 |
SQL Injection Potential SQL injection vector using null byte for PDO (MsSql, SQLite). |
Affected by 7 other vulnerabilities. |
|
VCID-2xx4-77e9-pfbb
Aliases: ZF2016-02 |
Potential SQL injection The implementation of `ORDER BY` and `GROUP BY` in `Zend_Db_Select` of ZF1 is vulnerable by the following SQL injection. |
Affected by 1 other vulnerability. |
|
VCID-5bm4-grk6-w7hk
Aliases: CVE-2015-3154 GHSA-5957-5crx-79jx |
CRLF Injection Potential CRLF injection attacks in mail and HTTP headers. |
Affected by 11 other vulnerabilities. |
|
VCID-6xpr-93ef-27cu
Aliases: CVE-2014-8088 GHSA-f6rc-rh43-h8gr |
Improper Authentication The (1) `Zend_Ldap` class in Zend and (2) `Zend dap` component in Zend allows remote attackers to bypass authentication via a password starting with a null byte, which triggers an unauthenticated bind. |
Affected by 12 other vulnerabilities. |
|
VCID-8atm-865q-mkf3
Aliases: ZF2015-09 |
Potential Information Disclosure and Insufficient Entropy vulnerability in `Zend\Captcha\Word`. |
Affected by 5 other vulnerabilities. |
|
VCID-bjvu-jg9w-mqdd
Aliases: CVE-2016-6233 GHSA-p9hp-3gpv-52w3 |
SQL Injection The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern `[\w]*` in a regular expression. |
Affected by 1 other vulnerability. |
|
VCID-n2gy-93nd-gber
Aliases: ZF2016-01 |
Potential Insufficient Entropy Vulnerability in ZF1. |
Affected by 3 other vulnerabilities. |
|
VCID-njsg-e1w1-9qcy
Aliases: CVE-2015-5161 GHSA-xp8p-9rq5-4wgv |
XXE/XEE vulnerability via multibyte payloads There's a flow that allows remote attackers to bypass security checks and conduct XML external entity (XXE) and XML entity expansion (XEE) attacks via multibyte encoded characters. This only apply when running under PHP-FPM in a threaded environment. |
Affected by 10 other vulnerabilities. |
|
VCID-q73m-16a9-rkgx
Aliases: GMS-2015-49 |
Potential Information Disclosure and Insufficient Entropy in Zend\Captcha\Word Zend generates a "word" for a CAPTCHA challenge by selecting a sequence of random letters from a character set. The selection is performed using PHP's internal `array_rand()` function. This function does not generate sufficient entropy due to its usage of `rand()` instead of more cryptographically secure methods such as `openssl_pseudo_random_bytes()`. This can potentially lead to information disclosure should an attacker be able to brute force the random number generation. |
Affected by 5 other vulnerabilities. |
|
VCID-q74z-645k-c7dk
Aliases: CVE-2015-5723 GHSA-pw5c-xqf2-6xc2 |
Security Misconfiguration Vulnerability Doctrine uses `mkdir($cacheDirectory )` to create caches directories. if your application runs with a umask of |
Affected by 7 other vulnerabilities. |
|
VCID-r5y8-nc2w-kqde
Aliases: CVE-2014-8089 GHSA-qh9w-r7g5-q939 |
SQL Injection SQL injection vector when manually quoting values for `sqlsrv` extension, using null byte. |
Affected by 12 other vulnerabilities. |
|
VCID-rc3w-5r97-k3b3
Aliases: ZF2016-03 |
Potential SQL injection in ORDER and GROUP functions The implementation of ORDER BY and GROUP BY in `Zend_Db_Select` is prone to SQL injection when a combination of SQL expressions and comments are used. |
Affected by 0 other vulnerabilities. |
|
VCID-sjw9-2fwe-5ybg
Aliases: ZF2016-11 |
Potential Insufficient Entropy There are several methods used to generate random numbers in ZF1 that potentially used insufficient entropy. Moreover, there's a potential security issue in the usage of the `openssl_random_pseudo_bytes()` function in `Zend_Crypt_Math::randBytes`, reported in PHP BUG #70014, and the security implications reported in a discussion on the `random_compat` library. |
Affected by 3 other vulnerabilities. |
|
VCID-uvgx-4m6v-2bg7
Aliases: CVE-2015-7695 GHSA-2hvh-c5c2-vj85 |
SQL injection vector using null byte for PDO The PDO adapters of Zend Framework 1 do not filter null bytes values in SQL statements. A PDO adapter can treat null bytes in a query as a string terminator, allowing an attacker to add arbitrary SQL following a null byte, and thus create a SQL injection. This only impacts MsSql and SQLite adapters. |
Affected by 7 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-9bm9-b48z-zqcm | ZendFramework1 Potential SQL injection in the ORDER implementation of Zend_Db_Select The implementation of the ORDER BY SQL statement in Zend_Db_Select of Zend Framework 1 contains a potential SQL injection when the query string passed contains parentheses. For instance, the following code is affected by this issue: ``` $db = Zend_Db::factory( /* options here */ ); $select = $db->select() ->from(array('p' => 'products')) ->order('MD5(1); drop table products'); echo $select; ``` This code produce the string: ``` SELECT "p".* FROM "products" AS "p" ORDER BY MD5(1);drop table products ASC ``` instead of the correct one: ``` SELECT "p".* FROM "products" AS "p" ORDER BY "MD5(1);drop table products" ASC ``` The SQL injection occurs because we create a new Zend_Db_Expr() object, in presence of parentheses, passing directly the value without any filter on the string. |
GHSA-2x36-qhx3-7m5f
|
| VCID-a72a-7k6u-rqgr | SQL Injection Potential SQL injection in the ORDER implementation of `Zend_Db_Select`. |
ZF2014-04
|