Showing 1 - 1 of 1

CVE-2016-4861

Status Candidate

Overview

The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.20 might allow remote attackers to conduct SQL injection attacks by leveraging failure to remove comments from an SQL statement before validation.

Related Files

Gentoo Linux Security Advisory 201804-10: Posted Apr 10, 2018; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201804-10 - Multiple vulnerabilities have been found in Zend Framework, the worst of which could allow attackers to remotely execute arbitrary commands. Versions less than or equal to 1.12.9 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2016-10034, CVE-2016-4861, CVE-2016-6233; SHA-256 | 49bd0928a66e9707e2184ac42e70b38b10becfccb984fb5c189e3fbf00076b93; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 251 files
Ubuntu 59 files
LiquidWorm 28 files
indoushka 20 files
Debian 18 files
Apple 10 files
Google Security Research 5 files
Chokri Hammedi 3 files
Alter Prime 3 files
Emiliano Febbi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,153)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,749)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,187)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,958)
UNIX (9,472)
UnixWare (188)
Windows (6,784)
Other

CVE-2016-4861

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems