Vulnerability Database
296,147
Total vulnerabilities in the database
CakePHP vulnerable to Denial of Service attack through XML payloads
RequestHandlerComponent had a vulnerability that would allow well crafted requests to create a denial of service attack. RequestHandlerComponent leverages Xml::build() which allows reading local files. We recommend that all applications using RequestHandlerComponent upgrade, or disable parsing XML payloads.
| Software | From | Fixed in |
|---|---|---|
cakephp / cakephp
|
3.0.0 | 3.0.6 |
|
cakephp / cakephp
|
2.0.0 | 2.0.99 |
|
cakephp / cakephp
|
2.1.0 | 2.1.99 |
|
cakephp / cakephp
|
2.2.0 | 2.2.99 |
|
cakephp / cakephp
|
2.3.0 | 2.3.99 |
|
cakephp / cakephp
|
2.4.0 | 2.4.99 |
|
cakephp / cakephp
|
2.5.0 | 2.5.90 |
|
cakephp / cakephp
|
2.6.0 | 2.6.6 |