CVE-2014-8089

Published: 2020-02-17T22:15Z

Last Modified: 2024-11-21T02:18Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands via a null byte. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt