Latest Security News about cve 2015 0270

Potential SQL injection in PostgreSQL Zend\Db adapter

Overview : Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter. Affected Product(s) : Zend Framework 2.2.10 Zend Framework 2.3.5 Vulnerability Details : CVE ID : CVE-2015-0270 A patch was written that provides the correct PostgreSQL escaping sequence for quotes used for identifiers and values, and tests were […]