Vulnerability Database

cakefoundation / cakephp

| Title | Severity | Exploit | Date | Affected Version |
| --- | --- | --- | --- | --- |
| CVE-2020-15400 | Low | | Jun 30, 2020 | < 4.0.6 |
| CVE-2012-4399 | High | | Oct 9, 2012 | >= 2.2.0 < 2.2.1; >= 2.1.0 < 2.1.5 |
| CVE-2010-4335 | High | | Jan 14, 2011 | == 1.3.0 |

cakephp / cakephp (Composer)

| Title | Severity | Exploit | Date | Affected Version |
| --- | --- | --- | --- | --- |
| CakePHP vulnerable to Cross-site Scripting in some development error pages | Medium | | Jan 20, 2023 | >= 3.4.0 < 3.4.14; >= 3.5.0 < 3.5.17; >= 3.6.0 < 3.6.4 |
| CakePHP vulnerable to Remote File Inclusion through View template name manipulation | Medium | | Jan 20, 2023 | >= 2.0.0 < 2.0.99; >= 2.1.0 < 2.1.99; >= 2.2.0 < 2.2.99; >= 2.3.0 < 2.3.99; >= 2.4.0 < 2.4.99; >= 2.5.0 < 2.5.99; >= 2.6.0 < 2.6.12; >= 2.7.0 < 2.7.6; >= 3.0.0 < 3.0.15; >= 3.1.0 < 3.1.4 |
| CakePHP allows direct access of prefixed controller actions | Medium | | Jan 20, 2023 | >= 2.0.0 < 2.0.99; >= 2.1.0 < 2.1.99; >= 2.2.0 < 2.2.99; >= 2.3.0 < 2.3.99; >= 2.4.0 < 2.4.99; >= 2.5.0 < 2.5.9; >= 2.6.0 < 2.6.11; >= 2.7.0 < 2.7.2 |
| CakePHP vulnerable to Denial of Service attack through XML payloads | High | | Jan 20, 2023 | >= 3.0.0 < 3.0.6; >= 2.0.0 < 2.0.99; >= 2.1.0 < 2.1.99; >= 2.2.0 < 2.2.99; >= 2.3.0 < 2.3.99; >= 2.4.0 < 2.4.99; >= 2.5.0 < 2.5.90; >= 2.6.0 < 2.6.6 |
| CakePHP SecurityComponent cross form submission issue | Medium | | Jan 20, 2023 | >= 2.0.0 < 2.4.8; >= 1.3.0 < 1.3.18 |
| CakePHP has incorrect Cross-Site Request Forgery validation | Medium | | Jan 20, 2023 | >= 3.0.0 < 3.0.4 |
| CVE-2023-22727 | Critical | | Jan 17, 2023 | >= 4.2.0 < 4.2.12; >= 4.3.0 < 4.3.11; >= 4.4.0 < 4.4.10 |
| CVE-2020-35239 | High | | Jan 26, 2021 | >= 4.0.0 < 4.0.10; >= 4.1.0 < 4.1.4; >= 4.0.0 <= 4.1.3 |
| CVE-2020-15400 | Low | | Jun 30, 2020 | >= 4.0.0 < 4.0.6; < 3.10.3 |
| CVE-2019-11458 | Medium | | May 8, 2019 | >= 3.0.0 < 3.5.18; >= 3.6.0 < 3.6.15; >= 3.7.0 < 3.7.7; == 3.7.6 |