CVE-2014-4914 in Zend Frameworkinformation

Résumé

par MITRE

The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!