← Back to CVE List

CVE-2014-4914

Published: 2017-12-29T14:29Z
Last Modified: 2024-11-21T02:11Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt