Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
packagist cakephp/cakephp Security Advisories
Loading...
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS14d2hqLXBxY2ctOHJjcs4AAxHB
CakePHP vulnerable to Cross-site Scripting in some development error pagesEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wNzZmLXdyMjItNHJ2Ns4AAxHA
CakePHP vulnerable to Remote File Inclusion through View template name manipulationEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS02aGc0LXZwNXEtNDdtd84AAxG_
CakePHP allows direct access of prefixed controller actionsEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xNzltLWM1NDYtMmc2M84AAxG-
CakePHP vulnerable to Denial of Service attack through XML payloadsEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1qOXEyLWY5cTctamhncc4AAxG9
CakePHP SecurityComponent cross form submission issueEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS04MjlxLXY1ZzgtaGh4Y84AAxG6
CakePHP has incorrect Cross-Site Request Forgery validationEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: cakephp/database, cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: about 1 year ago
GSA_kwCzR0hTQS02ZzhxLXFmcHYtNTd3cM4AAxFy
CakePHP Database\\Query::offset() and limit() methods are vulnerable to SQL injectionEcosystems: packagist
Packages: cakephp/database, cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: about 1 year ago
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: almost 2 years ago
GSA_kwCzR0hTQS05cGd4LXBmMzYtdzQ2cs4AAnV9
CakePHP allows method override parameters to bypass CSRF checksEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1nMnZ4LTh2NDctNHZoaM4AAgCu
CakePHP allows remote attackers to modify internal Cake cache and execute arbitrary codeEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1yN3A2LWZyM3gtcjg3N84AAfus
CakePHP 1.3.7 allows remote attackers to obtain sensitive information via a direct request to a .php fileEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
GSA_kwCzR0hTQS01OTY0LXBxOHItNHE2Ms4AAfIB
CakePHPallows remote attackers to read arbitrary files via XML data containing external entity referencesEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: almost 2 years ago
GSA_kwCzR0hTQS01NTZxLWg0dnItcGdoMs4AAV_g
CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameterEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1qOHAzLThtNjktMmhxcc4AAVTw
CakePHP allows remote attackers to spoof their IPEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ydzczLXhtcHYtajV4Ms2NbQ
CakePHP directory traversal vulnerability allows remote attackers to read arbitrary filesEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: almost 2 years ago
GSA_kwCzR0hTQS12YzI5LW12d3Ytd3Bjcc2KDg
Cross-site scripting (XSS) vulnerability in CakePHPEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozM2otZmcyZy1tY3Yy
Cross-Site Request Forgery in CakePHPEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: about 2 years ago
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFocngtaGNtNi1wbXJ3
Unsafe deserialization in SmtpTransport in CakePHPEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: over 4 years ago
Statistics
Advisories: 17,470
Packages: 8,115
Repositories: 2
Ecosystems: 12
Packages: 8,115
Repositories: 2
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
moodle/moodle
249
magento/community-edition
181
pimcore/pimcore
111
typo3/cms
94
microweber/microweber
91
typo3/cms-core
70
thorsten/phpmyfaq
70
dolibarr/dolibarr
56
phpmyadmin/phpmyadmin
53
concrete5/concrete5
52
librenms/librenms
49
shopware/platform
47
symfony/symfony
47
baserproject/basercms
43
showdoc/showdoc
40
craftcms/cms
36
shopware/core
35
snipe/snipe-it
32
intelliants/subrion
31
drupal/core
30
froxlor/froxlor
28
centreon/centreon
27
silverstripe/framework
27
shopware/shopware
26
getgrav/grav
24
magento/core
24
mautic/core
24
prestashop/prestashop
23
pocketmine/pocketmine-mp
23
remdex/livehelperchat
23
nilsteampassnet/teampass
22
getkirby/cms
22
grumpydictator/firefly-iii
22
drupal/drupal
19
forkcms/forkcms
18
tribalsystems/zenario
18
francoisjacquet/rosariosis
17
cockpit-hq/cockpit
17
cakephp/cakephp
17
yetiforce/yetiforce-crm
16
openmage/magento-lts
15
contao/core-bundle
15
phpmailer/phpmailer
14
typo3/cms-backend
14
symfony/security
13
ezsystems/ezpublish-kernel
13
impresscms/impresscms
13
october/system
13
studio-42/elfinder
12
phpmyfaq/phpmyfaq
12
symfony/security-http
12
elefant/cms
12
lavalite/cms
12
smarty/smarty
12
feehi/feehicms
11
zendframework/zendframework1
11
silverstripe/cms
11
feehi/cms
11
contao/contao
11
topthink/framework
11
ezsystems/ezplatform-kernel
10
admidio/admidio
10
wwbn/avideo
10
pimcore/admin-ui-classic-bundle
10
wallabag/wallabag
10
codeigniter4/framework
10
dompdf/dompdf
10
sylius/sylius
9
laravel/framework
9
funadmin/funadmin
9
ssddanbrown/bookstack
9
october/october
9
kevinpapst/kimai2
9
concrete5/core
9
tinymce/tinymce
9
alextselegidis/easyappointments
9
simplesamlphp/simplesamlphp
9
TinyMCE
9
tinymce
9
facturascripts/facturascripts
8
october/cms
8
zendframework/zendframework
8
sulu/sulu
8
gilacms/gila
8
pimcore/customer-management-framework-bundle
8
symfony/http-foundation
7
october/backend
7
silverstripe/graphql
7
silverstripe/admin
7
statamic/cms
7
croogo/croogo
7
flarum/core
7
guzzlehttp/guzzle
6
nystudio107/craft-seomatic
6
pterodactyl/panel
6
backdrop/backdrop
6
directmailteam/direct-mail
6
in2code/femanager
6
composer/composer
6
pagekit/pagekit
6
yourls/yourls
6
symfony/http-kernel
5
vrana/adminer
5
phpxmlrpc/phpxmlrpc
5
automad/automad
5
cachethq/cachet
5
billz/raspap-webgui
5
dweeves/magmi
5
typo3/cms-install
5
phpseclib/phpseclib
5
bolt/bolt
5
elgg/elgg
5
yiisoft/yii2
5
bottelet/flarepoint
5
oro/platform
5
ibexa/core
5
anchorcms/anchor-cms
5
pear/archive_tar
5
gugoan/economizzer
5
bagisto/bagisto
5
nukeviet/nukeviet
4
bref/bref
4
spatie/browsershot
4
oro/commerce
4
silverstripe/assets
4
typo3/html-sanitizer
4
wintercms/winter
4
idno/known
4
shopware/storefront
4
notrinos/notrinos-erp
4
ezsystems/ezplatform-admin-ui
4
codeigniter4/shield
4
bytefury/crater
4
phpservermon/phpservermon
4
magento/product-community-edition
4
woocommerce/woocommerce
4
typo3/cms-frontend
4
symfony/security-core
4
symfony/security-bundle
4
zendframework/zendrest
3
zendframework/zendservice-audioscrobbler
3
froala/wysiwyg-editor
3
zendframework/zendservice-nirvanix
3
shopxo/shopxo
3
enhavo/enhavo-app
3
phenx/php-svg-lib
3
facade/ignition
3
sylius/resource-bundle
3
processwire/processwire
3
artesaos/seotools
3
apache-solr-for-typo3/solr
3
icecoder/icecoder
3
flarum/framework
3
modx/revolution
3
opencart/opencart
3
rudloff/alltube
3
zendframework/zendopenid
3
phpbb/phpbb
3
appwrite/server-ce
3
kimai/kimai
3
adodb/adodb-php
3
mantisbt/mantisbt
3
pixelfed/pixelfed
3
yiisoft/yii2-dev
3
ckeditor4
3
phpoffice/phpspreadsheet
3
uvdesk/community-skeleton
3
typo3/cms-form
3
zendframework/zendservice-amazon
3
illuminate/database
3
verot/class.upload.php
3
prestashop/productcomments
3
codeigniter/framework
3
limesurvey/limesurvey
3
joomla/framework
3
zendframework/zendservice-windowsazure
3
enshrined/svg-sanitize
3
zendframework/zendservice-technorati
3
tecnickcom/tcpdf
3
twig/twig
3
zendframework/zendservice-slideshare
3
joomla/joomla-cms
3
zencart/zencart
3
zendframework/zendservice-api
3
tpwd/ke_search
2
helloxz/imgurl
2
austintoddj/canvas
2
juzaweb/cms
2
reportico-web/reportico
2
yoast-seo-for-typo3/yoast_seo
2
athlon1600/php-proxy
2
orchid/platform
2
amphp/http-client
2
ether/logs
2
topthink/think
2
badaso/core
2
buddypress/buddypress
2
getkirby/panel
2
prestashop/blockreassurance
2
pyrocms/pyrocms
2
Filter by Repository