SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands via a null byte.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-02-17T21:39:04

Updated: 2024-08-06T13:10:50.852Z

Reserved: 2014-10-10T00:00:00

Link: CVE-2014-8089

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-02-17T22:15:11.593

Modified: 2024-11-21T02:18:31.730

Link: CVE-2014-8089

cve-icon Redhat

No data.