VYPR

Zend Server CE

by Zend

CVEs (3)

  • CVE-2018-10230MedApr 19, 2018
    risk 0.40cvss 6.1epss 0.03

    Zend Debugger in Zend Server before 9.1.3 has XSS, aka ZSR-2455.

  • CVE-2012-5382Oct 11, 2012
    risk 0.03cvss epss 0.01

    Untrusted search path vulnerability in the installation functionality in Zend Server 5.6.0 SP4, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Zend\ZendServer\share\ZendFramework\bin directory, which may…

  • CVE-2011-3825Sep 24, 2011
    risk 0.00cvss epss 0.01

    Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files.