Search for packages
| purl | pkg:composer/zendframework/zendframework@1.12.19 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-bjvu-jg9w-mqdd
Aliases: CVE-2016-6233 GHSA-p9hp-3gpv-52w3 |
SQL Injection The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern `[\w]*` in a regular expression. |
Affected by 27 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T17:55:18.970153+00:00 | GithubOSV Importer | Fixing | VCID-bjvu-jg9w-mqdd | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-p9hp-3gpv-52w3/GHSA-p9hp-3gpv-52w3.json | 38.6.0 |
| 2026-06-02T04:36:47.947163+00:00 | GitLab Importer | Affected by | VCID-bjvu-jg9w-mqdd | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/zendframework/zendframework/CVE-2016-6233.yml | 38.6.0 |