The remote host is using a version of Zend Framework that is vulnerable to SQL Injection (SQLi).
Versions of Zend Framework earlier than 1.12.16 contain a flaw that may allow an SQL injection attack. The issue is due to 'Zend_Db_Adapter_Pdo_Abstract' not properly sanitizing user-supplied input involving null bytes. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
Upgrade Zend Framework to version 1.12.16 or later.