Lucene search
GoogleOSV:DLA-326-1HistoryOct 15, 2015 - 12:00 a.m.
zendframework - security update
2015-10-1500:00:00
Google
osv.dev
6
0.016 Low
EPSS
Percentile
87.6%
The PDO adapters of Zend Framework 1 did not filter null bytes values in
SQL statements. A PDO adapter can treat null bytes in a query as a
string terminator, allowing an attacker to add arbitrary SQL following a
null byte, and thus create a SQL injection.
For Debian 6 Squeeze, this issue has been fixed in zendframework
version 1.10.6-1squeeze6.
References
Related
nvd
nvd
CVE-2015-7695
2016-06-07 14:06:10
cve
cve
CVE-2015-7695
2016-06-07 14:06:10
nessus
nessus
Debian DLA-326-1 : zendframework security update
2015-10-16 00:00:00
FreeBSD : ZendFramework1 -- SQL injection vulnerability (d3324fdb-6bf0-11e5-bc5e-00505699053e)
2015-10-07 00:00:00
Debian DSA-3369-1 : zendframework - security update
2015-10-07 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-326-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-3369-1)
2015-10-05 00:00:00
github
github
Zend Framework SQL injection vector using null byte for PDO
2022-05-17 03:44:23
f5
f5
SOL06430416 - Zend Framework vulnerability CVE-2015-7695
2016-09-09 00:00:00
K06430416 : Zend Framework vulnerability CVE-2015-7695
2016-09-09 00:00:00
veracode
veracode
SQL Injection
2017-07-26 02:57:56
prion
prion
Sql injection
2016-06-07 14:06:00
cvelist
cvelist
CVE-2015-7695
2016-06-07 14:00:00
ubuntucve
ubuntucve
CVE-2015-7695
2016-06-07 00:00:00
osv
osv
Zend Framework SQL injection vector using null byte for PDO
2022-05-17 03:44:23
debian
debian
[SECURITY] [DLA 326-1] zendframework security update
2015-10-15 21:07:52
freebsd
freebsd
ZendFramework1 -- SQL injection vulnerability
2015-09-15 00:00:00