Vulnerabilities in Zend
4 resultsCVE-2021-47667CRITICALAn OS command injection vulnerability in lib/NSSDropoff.php in ZendTo 5.24-3 through 6.x before 6.10-7 allows unauthenticated remote attackeEPSS 27.9%CVE-2015-0270—Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter.EPSS 1.1%CVE-2024-9129CRITICALFormat String Injection in Zend ServerEPSS 0.4%CVE-2025-32352MEDIUMA type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for useEPSS 0.3%