Vulnerabilities for cakephp

Vulnerabilities for products matching "cakephp"

Found 2 matching products. Filters apply to all results.

You can search for specific versions with /product/cakephp/1.2.3

cakefoundation / cakephp

3 vulnerabilities found

Title	Severity	Date	Affected Version
CVE-2020-15400	Low	June 30, 2020 6/30/20	< 4.0.6
CVE-2012-4399	High	October 9, 2012 10/9/12	>= 2.2.0 < 2.2.1 >= 2.1.0 < 2.1.5
CVE-2010-4335	High	January 14, 2011 1/14/11	== 1.3.0

cakephp / cakephp

17 vulnerabilities found

Title	Severity	Date	Affected Version
CakePHP vulnerable to Cross-site Scripting in some development error pages	Medium	January 20, 2023 1/20/23	>= 3.4.0 < 3.4.14 >= 3.5.0 < 3.5.17 >= 3.6.0 < 3.6.4
CakePHP vulnerable to Remote File Inclusion through View template name manipulation	Medium	January 20, 2023 1/20/23	>= 2.0.0 < 2.0.99 >= 2.1.0 < 2.1.99 >= 2.2.0 < 2.2.99 >= 2.3.0 < 2.3.99 >= 2.4.0 < 2.4.99 >= 2.5.0 < 2.5.99 >= 2.6.0 < 2.6.12 >= 2.7.0 < 2.7.6 >= 3.0.0 < 3.0.15 >= 3.1.0 < 3.1.4
CakePHP allows direct access of prefixed controller actions	Medium	January 20, 2023 1/20/23	>= 2.0.0 < 2.0.99 >= 2.1.0 < 2.1.99 >= 2.2.0 < 2.2.99 >= 2.3.0 < 2.3.99 >= 2.4.0 < 2.4.99 >= 2.5.0 < 2.5.9 >= 2.6.0 < 2.6.11 >= 2.7.0 < 2.7.2
CakePHP vulnerable to Denial of Service attack through XML payloads	High	January 20, 2023 1/20/23	>= 3.0.0 < 3.0.6 >= 2.0.0 < 2.0.99 >= 2.1.0 < 2.1.99 >= 2.2.0 < 2.2.99 >= 2.3.0 < 2.3.99 >= 2.4.0 < 2.4.99 >= 2.5.0 < 2.5.90 >= 2.6.0 < 2.6.6
CakePHP SecurityComponent cross form submission issue	Medium	January 20, 2023 1/20/23	>= 2.0.0 < 2.4.8 >= 1.3.0 < 1.3.18
CakePHP has incorrect Cross-Site Request Forgery validation	Medium	January 20, 2023 1/20/23	>= 3.0.0 < 3.0.4
CVE-2023-22727	Critical	January 17, 2023 1/17/23	>= 4.2.0 < 4.2.12 >= 4.3.0 < 4.3.11 >= 4.4.0 < 4.4.10
CVE-2020-35239	High	January 26, 2021 1/26/21	>= 4.0.0 < 4.0.10 >= 4.1.0 < 4.1.4 >= 4.0.0 <= 4.1.3
CVE-2020-15400	Low	June 30, 2020 6/30/20	>= 4.0.0 < 4.0.6 < 3.10.3
CVE-2019-11458	Medium	May 8, 2019 5/8/19	>= 3.0.0 < 3.5.18 >= 3.6.0 < 3.6.15 >= 3.7.0 < 3.7.7 == 3.7.6
CVE-2016-4793	Medium	January 23, 2017 1/23/17	<= 3.2.4 >= 1.2.0 < 2.6.13 >= 2.7.0-rc1 < 2.7.11 >= 2.8.0-rc1 < 2.8.2 >= 3.0.0-rc1 < 3.0.17 >= 3.1.0-beta1 < 3.1.12 >= 3.2.0-rc1 < 3.2.5
CVE-2015-8379	Medium	January 26, 2016 1/26/16	== 2.5.0-beta == 2.3.0 == 2.2.6 == 2.6.0-rc1 == 2.4.9 == 3.0.6 == 2.2.8 == 3.0.0-dev2 == 2.5.9 == 3.1.0-beta1 == 2.7.5 == 2.3.5 == 2.2.1 == 2.7.9 == 2.3.0-beta == 2.3.10 == 2.4.8 == 2.0.3 == 3.0.9 == 3.0.3 == 2.3.9 == 2.6.0-beta == 2.1.5 == 2.6.12 == 2.5.4 == 2.3.2 == 3.0.1 == 2.0.0-rc3 == 2.7.2 == 2.6.4 == 2.4.0-beta == 2.0.2 == 3.0.0-beta3 == 2.2.4 == 2.1.3 == 3.1.3 == 2.6.11 == 2.5.6 == 2.1.0-beta == 3.0.12 == 2.7.3 == 2.4.1 == 3.0.0-beta1 == 2.4.7 == 2.1.0 == 3.0.4 == 3.0.15 == 2.5.0 == 2.6.6 == 3.0.0-alpha1 == 2.4.0-rc1 == 2.6.9 == 2.2.0-rc2 == 2.3.3 == 2.5.1 == 2.7.0-rc1 == 2.6.2 == 2.3.0-rc1 == 3.1.1 == 3.0.0-rc2 == 2.7.8 == 2.1.1 == 2.1.0-alpha == 2.5.0-rc2 == 2.0.6 == 2.6.0 == 3.0.10 == 2.0.0-rc2 == 2.4.5 == 2.2.3 == 2.4.10 == 2.5.3 == 2.6.7 == 2.4.4 == 2.0.0-beta == 2.1.4 == 2.2.9 == 3.0.7 == 2.1.2 == 3.0.8 == 2.0.4 == 2.5.8 == 2.7.0 == 2.7.4 == 3.0.14 == 3.1.4 == 2.4.2 == 2.6.1 == 3.0.0-alpha2 == 2.7.1 == 2.0.1 == 2.1.0-rc1 == 3.0.0-dev1 == 3.0.0-rc1 == 2.6.3 == 2.3.6 == 2.7.7 == 3.0.5 == 3.1.2 == 3.0.11 == 2.0.0-dev == 2.4.0-rc2 == 3.0.13 == 2.4.6 == 2.5.0-rc1 == 2.6.5 == 2.6.8 == 2.0.0-rc1 == 2.3.1 == 2.3.7 == 2.2.2 == 2.2.0 == 2.2.5 == 2.3.8 == 3.0.2 == 3.0.0-dev3 == 2.3.4 == 2.5.5 == 2.3.0-rc2 == 3.0.0 == 2.8.0-rc1 == 2.0.0 == 2.2.7 == 2.5.7 == 2.6.10 == 2.4.0 == 2.2.0-beta == 3.0.0-beta2 == 2.0.5 == 2.2.0-rc1 == 3.1.0-rc1 == 2.4.3 == 2.0.0-alpha == 2.7.6 == 2.5.2 == 3.1.0-beta2 == 3.1.0 >= 2.0.0-alpha < 3.1.5
CVE-2012-4399	High	October 9, 2012 10/9/12	>= 2.1.0-alpha < 2.1.5 >= 2.2.0-beta < 2.2.1
CVE-2011-3712	Medium	September 23, 2011 9/23/11	== 1.3.7 >= 1.3.7 < 1.3.8
CVE-2010-4335	High	January 14, 2011 1/14/11	>= 1.2.8 < 1.3.6 == 1.2.8 == 1.3-dev == 1.3.0-alpha == 1.3.0-beta == 1.3.0-rc1 == 1.3.0-rc2 == 1.3.0-rc3 == 1.3.0-rc4 == 1.3.1 == 1.3.2 == 1.3.3 == 1.3.4 == 1.3.5
CVE-2006-5031	Medium	September 27, 2006 9/27/06	>= 1.0.1.2708 < 1.1.8.3544 <= 1.1.7.3363
CVE-2006-4067	Low	August 10, 2006 8/10/06	>= 1.0.1.2708 < 1.1.7.3363 <= 1.1.6.3264 == 1.0.1.2708 == 1.1.3.2967 == 1.1.4.3104 == 1.1.5.3148

Showing vulnerabilities for 2 products matching "cakephp". Each product has independent pagination.

Vulnerability Database

317,182

Vulnerabilities for products matching "cakephp"

cakefoundation / cakephp

cakephp / cakephp

Deep Security Visibility Without the Complexity