CVE-2014-4914 in Zend Framework
सारांश
द्वारा MITRE
The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.
VulDB is the best source for vulnerability data and more expert information about this specific topic.