Vulnerability Database

  • Total number of vulnerabilities in the DB: 296,138
With exploit

cakefoundation / cakephp

Title Severity Exploit Date Affected Version
CVE-2020-15400 Low Jun 30, 2020 < 4.0.6
CVE-2012-4399 High Oct 10, 2012 >= 2.2.0 < 2.2.1
>= 2.1.0 < 2.1.5
CVE-2011-3712 Medium Sep 24, 2011 == 1.3.7
CVE-2010-4335 High Jan 15, 2011 == 1.3.1
== 1.3.0
== 1.3.0-alpha
== 1.2.8
== 1.3.0-rc2
== 1.3.2
== 1.3-dev
== 1.3.3
== 1.3.0-rc4
== 1.3.0-rc3
== 1.3.4
== 1.3.0-rc1
== 1.3.5
== 1.3.0-beta
CVE-2006-5031 Medium Sep 28, 2006 <= 1.1.7.3363
CVE-2006-4067 Low Aug 10, 2006 == 1.1.4.3104
<= 1.1.6.3264
== 1.0.1.2708
== 1.1.5.3148
== 1.1.3.2967

cakephp / cakephp

Title Severity Exploit Date Affected Version
CVE-2023-22727 Critical Jan 17, 2023 >= 4.4.0 < 4.4.10
>= 4.3.0 < 4.3.11
>= 4.2.0 < 4.2.12
CVE-2020-35239 High Jan 26, 2021 >= 4.0.0 <= 4.1.3
CVE-2019-11458 High May 8, 2019 == 3.7.6
CVE-2016-4793 High Jan 23, 2017 <= 3.2.4
CVE-2015-8379 High Jan 26, 2016 == 2.5.0-beta
== 2.3.0
== 2.2.6
== 2.6.0-rc1
== 2.4.9
== 3.0.6
== 2.2.8
== 3.0.0-dev2
== 2.5.9
== 3.1.0-beta1
== 2.7.5
== 2.3.5
== 2.2.1
== 2.7.9
== 2.3.0-beta
== 2.3.10
== 2.4.8
== 2.0.3
== 3.0.9
== 3.0.3
== 2.3.9
== 2.6.0-beta
== 2.1.5
== 2.6.12
== 2.5.4
== 2.3.2
== 3.0.1
== 2.0.0-rc3
== 2.7.2
== 2.6.4
== 2.4.0-beta
== 2.0.2
== 3.0.0-beta3
== 2.2.4
== 2.1.3
== 3.1.3
== 2.6.11
== 2.5.6
== 2.1.0-beta
== 3.0.12
== 2.7.3
== 2.4.1
== 3.0.0-beta1
== 2.4.7
== 2.1.0
== 3.0.4
== 3.0.15
== 2.5.0
== 2.6.6
== 3.0.0-alpha1
== 2.4.0-rc1
== 2.6.9
== 2.2.0-rc2
== 2.3.3
== 2.5.1
== 2.7.0-rc1
== 2.6.2
== 2.3.0-rc1
== 3.1.1
== 3.0.0-rc2
== 2.7.8
== 2.1.1
== 2.1.0-alpha
== 2.5.0-rc2
== 2.0.6
== 2.6.0
== 3.0.10
== 2.0.0-rc2
== 2.4.5
== 2.2.3
== 2.4.10
== 2.5.3
== 2.6.7
== 2.4.4
== 2.0.0-beta
== 2.1.4
== 2.2.9
== 3.0.7
== 2.1.2
== 3.0.8
== 2.0.4
== 2.5.8
== 2.7.0
== 2.7.4
== 3.0.14
== 3.1.4
== 2.4.2
== 2.6.1
== 3.0.0-alpha2
== 2.7.1
== 2.0.1
== 2.1.0-rc1
== 3.0.0-dev1
== 3.0.0-rc1
== 2.6.3
== 2.3.6
== 2.7.7
== 3.0.5
== 3.1.2
== 3.0.11
== 2.0.0-dev
== 2.4.0-rc2
== 3.0.13
== 2.4.6
== 2.5.0-rc1
== 2.6.5
== 2.6.8
== 2.0.0-rc1
== 2.3.1
== 2.3.7
== 2.2.2
== 2.2.0
== 2.2.5
== 2.3.8
== 3.0.2
== 3.0.0-dev3
== 2.3.4
== 2.5.5
== 2.3.0-rc2
== 3.0.0
== 2.8.0-rc1
== 2.0.0
== 2.2.7
== 2.5.7
== 2.6.10
== 2.4.0
== 2.2.0-beta
== 3.0.0-beta2
== 2.0.5
== 2.2.0-rc1
== 3.1.0-rc1
== 2.4.3
== 2.0.0-alpha
== 2.7.6
== 2.5.2
== 3.1.0-beta2
== 3.1.0

Composer icon cakephp / cakephp

Title Severity Exploit Date Affected Version
CakePHP vulnerable to Cross-site Scripting in some development error pages Medium Jan 20, 2023 >= 3.4.0 < 3.4.14
>= 3.5.0 < 3.5.17
>= 3.6.0 < 3.6.4
CakePHP vulnerable to Remote File Inclusion through View template name manipulation Medium Jan 20, 2023 >= 2.0.0 < 2.0.99
>= 2.1.0 < 2.1.99
>= 2.2.0 < 2.2.99
>= 2.3.0 < 2.3.99
>= 2.4.0 < 2.4.99
>= 2.5.0 < 2.5.99
>= 2.6.0 < 2.6.12
>= 2.7.0 < 2.7.6
>= 3.0.0 < 3.0.15
>= 3.1.0 < 3.1.4
CakePHP allows direct access of prefixed controller actions Medium Jan 20, 2023 >= 2.0.0 < 2.0.99
>= 2.1.0 < 2.1.99
>= 2.2.0 < 2.2.99
>= 2.3.0 < 2.3.99
>= 2.4.0 < 2.4.99
>= 2.5.0 < 2.5.9
>= 2.6.0 < 2.6.11
>= 2.7.0 < 2.7.2
CakePHP vulnerable to Denial of Service attack through XML payloads High Jan 20, 2023 >= 3.0.0 < 3.0.6
>= 2.0.0 < 2.0.99
>= 2.1.0 < 2.1.99
>= 2.2.0 < 2.2.99
>= 2.3.0 < 2.3.99
>= 2.4.0 < 2.4.99
>= 2.5.0 < 2.5.90
>= 2.6.0 < 2.6.6
CakePHP SecurityComponent cross form submission issue Medium Jan 20, 2023 >= 2.0.0 < 2.4.8
>= 1.3.0 < 1.3.18
CakePHP has incorrect Cross-Site Request Forgery validation Medium Jan 20, 2023 >= 3.0.0 < 3.0.4
CVE-2023-22727 Critical Jan 17, 2023 >= 4.2.0 < 4.2.12
>= 4.3.0 < 4.3.11
>= 4.4.0 < 4.4.10
CVE-2020-35239 High Jan 26, 2021 >= 4.0.0 < 4.0.10
>= 4.1.0 < 4.1.4
CVE-2020-15400 Low Jun 30, 2020 >= 4.0.0 < 4.0.6
< 3.10.3
CVE-2019-11458 High May 8, 2019 >= 3.0.0 < 3.5.18
>= 3.6.0 < 3.6.15
>= 3.7.0 < 3.7.7