CRITICAL9.8CVE-2014-8089Zend Framework SQL injection vulnerability >= 1.12.0, < 1.12.9
CRITICAL9.8CVE-2015-7695Zend Framework SQL injection vector using null byte for PDO from 0, < 1.12.16
from 0, < 1.12.19
HIGH7.8Doctrine Security Misconfiguration Vulnerability
>= 1.12.0, < 1.12.16
HIGH7.3Zend Framework XXE Vulnerability
>= 1.0.0, < 1.11.12
MEDIUM6.1Zenario CMS vulnerable to CRLF injection
from 0, < 1.12.12
—Zend Framework XEE Vulnerability
>= 1.0, < 1.11.13
—Zend Framework XXE Vulnerability
from 0, < 1.11.15
—Zend Framework XEE Vulnerability
>= 1.0, < 1.11.13
—ZendXml and Zend Framework contain XXE and XEE Vulnerabilities
>= 1.12.0, < 1.12.14
—Zend Access Restriction Bypass
>= 1.12.0, < 1.12.9
—Several Zend Products Vulnerable to XXE and XEE attacks
from 0, < 1.12.4
—Several Zend Products Vulnerable to XXE and XEE attacks
from 0, < 1.12.4
—Several Zend Products Vulnerable to XXE and XEE attacks
from 0, < 1.12.4