CVE-2014-8089

CVE-2014-8089 — SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8,

📅 2020-02-17

🔴 Critical 🔥 No NVD Exploit Web CVSS 9.8

📋 الوصف الكامل

SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands via a null byte.

💻 الأنظمة المتأثرة

SQL injection vulnerability

⚠️ نوع التهديد

Exploit

🔗 CVE ID

CVE-2014-8089

📡 المصدر

NVD

✅ الحلول والتخفيف

Refer to CVE-2014-8089 NVD advisory

🔗 المصدر الأصلي ← 📘 NVD ← ⚡ CISA KEV ←