Zend Framework Multiple Security Vulnerabilities
BID:58530
Info
Zend Framework Multiple Security Vulnerabilities
| Bugtraq ID: | 58530 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 16 2013 12:00AM |
| Updated: | Mar 19 2015 09:29AM |
| Credit: | codemagician, Padraic Brady and Axel Helmert |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Zend Framework Multiple Security Vulnerabilities
Zend Framework is prone to following security vulnerabilities:
1. A security-bypass vulnerability
2. A security weakness
3. Multiple SQL-injection vulnerabilities
An attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, predict random number values, gain access to sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database.
Zend Framework versions prior to 2.0.8 and 2.1.4 are vulnerable.
Zend Framework is prone to following security vulnerabilities:
1. A security-bypass vulnerability
2. A security weakness
3. Multiple SQL-injection vulnerabilities
An attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, predict random number values, gain access to sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database.
Zend Framework versions prior to 2.0.8 and 2.1.4 are vulnerable.
Solution / Fix
Zend Framework Multiple Security Vulnerabilities
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.