The remote host is using a version of Zend Framework that is vulnerable to SQL Injection (SQLi).
Versions of Zend Framework earlier than 1.12.7 contain a flaw that may allow an SQL injection attack. The issue is due to the 'Zend_Db_Select::order()' function not properly sanitizing user-supplied input before using it in SQL queries. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
Upgrade Zend Framework to version 1.12.7 or later.