VYPR

Server

by Zend

CVEs (2)

  • CVE-2012-5382Oct 11, 2012
    risk 0.03cvss epss 0.01

    Untrusted search path vulnerability in the installation functionality in Zend Server 5.6.0 SP4, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Zend\ZendServer\share\ZendFramework\bin directory, which may…

  • CVE-2011-3825Sep 24, 2011
    risk 0.00cvss epss 0.01

    Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files.