CVEs-PoC/2011/CVE-2011-1939.md

### [CVE-2011-1939](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1939)
![](https://img.shields.io/static/v1?label=Product&message=PHP&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=zendframework&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%201.10.x%20before%201.10.9%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20before%205.3.6%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=potential%20SQL%20injection%20vector%20when%20using%20PDO_MySql%20(ZF2011-02)&color=brighgreen)

### Description

SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP before 5.3.6.

### POC

#### Reference
- https://bugs.php.net/bug.php?id=47802

#### Github
No PoCs found on GitHub currently.