SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands via a null byte.

References

framework.zend.com/security/advisory/ZF2014-06

seclists.org/oss-sec/2014/q4/276

www.securityfocus.com/bid/70011

bugzilla.redhat.com/show_bug.cgi?id=1151277

cve 1

friendsofphp 3

prion 1

ubuntucve 1

osv 5

github 1

veracode 1

nvd 1

nessus 10

fedora 8

openvas 11

amazon 1

mageia 1

securityvulns 3

debian 4

rapid7blog 1

cve

CVE-2014-8089

2020-02-17 22:15:11

friendsofphp

SQL injection vector when manually quoting values for sqlsrv extension, using null byte

2014-09-16 22:00:00

SQL injection vector when manually quoting values for sqlsrv extension, using null byte

2014-09-16 22:00:00

SQL injection vector when manually quoting values for sqlsrv extension, using null byte

2014-09-16 22:00:00

prion

Sql injection

2020-02-17 22:15:00

ubuntucve

CVE-2014-8089

2020-02-17 00:00:00

osv

Zend Framework SQL injection vulnerability

2024-04-23 22:39:03

zendframework - security update

2015-05-20 00:00:00

zendframework - regression update

2015-05-20 00:00:00

github

Zend Framework SQL injection vulnerability

2024-04-23 22:39:03

veracode

Sql Injection

2024-04-26 12:28:57

nvd

CVE-2014-8089

2020-02-17 22:15:11

nessus

Fedora 21 : php-ZendFramework2-2.3.3-1.fc21 (2014-12676)

2014-10-16 00:00:00

Fedora 19 : php-ZendFramework2-2.2.8-2.fc19 (2014-14043)

2014-11-11 00:00:00

Amazon Linux AMI : php-ZendFramework (ALAS-2014-460)

2014-12-15 00:00:00

fedora

[SECURITY] Fedora 21 Update: php-ZendFramework2-2.3.3-1.fc21

2014-10-16 02:00:15

[SECURITY] Fedora 21 Update: php-ZendFramework-1.12.9-1.fc21

2014-11-01 16:20:08

[SECURITY] Fedora 19 Update: php-ZendFramework-1.12.9-1.fc19

2014-10-17 08:37:23

openvas

Mageia: Security Advisory (MGASA-2014-0434)

2022-01-28 00:00:00

Amazon Linux: Security Advisory (ALAS-2014-460)

2015-09-08 00:00:00

Fedora Update for php-ZendFramework2 FEDORA-2014-14043

2014-11-11 00:00:00

amazon

Medium: php-ZendFramework

2014-12-11 14:23:00

mageia

Updated php-ZendFramework packages fix security vulnerabilities

2014-10-29 14:30:40

securityvulns

[ MDVSA-2015:097 ] php-ZendFramework

2015-05-12 00:00:00

[SECURITY] [DSA 3265-1] zendframework security update

2015-06-08 00:00:00

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

2015-05-12 00:00:00

debian

[SECURITY] [DSA 3265-2] zendframework regression update

2015-05-24 11:55:24

[SECURITY] [DSA 3265-1] zendframework security update

2015-05-20 09:37:25

[SECURITY] [DLA 251-1] zendframework security update

2015-06-20 18:40:57

rapid7blog

NICER Protocol Deep Dive: Internet Exposure of HTTP and HTTPS

2021-01-29 14:20:22

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.004 Low

EPSS

Percentile

72.9%

JSON

Related for CVELIST:CVE-2014-8089