Select news group and category
Zend Security
Zend framework security news
- ZF2019-01: Information disclosure in zend-developer-tools
- ZF2018-01: URL rewrite vulnerability
- ZF2016-04: Potential remote code execution in zend-mail via Sendmail adapter
- ZF2016-03: Potential SQL injection in ORDER and GROUP functions of ZF1
- ZF2016-02: Potential SQL injection in ORDER and GROUP statements of Zend_Db_Select
- ZF2016-01: Potential Insufficient Entropy Vulnerability in Zend Framework 1
- ZF2015-09: Potential Information Disclosure and Insufficient Entropy vulnerability in Zend\Captcha\Word
- ZF2015-10: Potential Information Disclosure in Zend\Crypt\PublicKey\Rsa\PublicKey
- ZF2015-07: Filesystem Permissions Issues in Multiple Components
- ZF2015-08: Potential SQL injection vector using null byte for PDO (MsSql, SQLite)
- ZF2015-06: XXE/XEE vector when using ZendXml on multibyte payloads
- AG2015-01: Potential Authenticated User Spoofing in zf-oauth2
- ZF2015-05: Potential XSS and Open Redirect vectors in zend-diactoros
- ZF2015-04: Potential CRLF injection attacks in mail and HTTP headers
- ZF2015-03: Invalid CSRF validation of null or incorrectly formatted token identifiers
Do you like cookies? 🍪 I use cookies to ensure you get the best experience on my website. More cookies info