Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Advisories
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 15 days ago
GSA_kwCzR0hTQS14d2hqLXBxY2ctOHJjcs4AAxHB
CakePHP vulnerable to Cross-site Scripting in some development error pages
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 15 days ago
GSA_kwCzR0hTQS1wNzZmLXdyMjItNHJ2Ns4AAxHA
CakePHP vulnerable to Remote File Inclusion through View template name manipulation
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 15 days ago
GSA_kwCzR0hTQS02aGc0LXZwNXEtNDdtd84AAxG_
CakePHP allows direct access of prefixed controller actions
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 15 days ago
GSA_kwCzR0hTQS1xNzltLWM1NDYtMmc2M84AAxG-
CakePHP vulnerable to Denial of Service attack through XML payloads
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 15 days ago
GSA_kwCzR0hTQS1qOXEyLWY5cTctamhncc4AAxG9
CakePHP SecurityComponent cross form submission issue
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 15 days ago
GSA_kwCzR0hTQS04MjlxLXY1ZzgtaGh4Y84AAxG6
CakePHP has incorrect Cross-Site Request Forgery validation
Critical
Ecosystems: packagist
Packages: cakephp/database, cakephp/cakephp
Source: GitHub Advisory Database
Published: 16 days ago
GSA_kwCzR0hTQS02ZzhxLXFmcHYtNTd3cM4AAxFy
CakePHP Database\Query::offset() and limit() methods are vulnerable to SQL injection
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS05cGd4LXBmMzYtdzQ2cs4AAnV9
CakePHP allows method override parameters to bypass CSRF checks
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS1nMnZ4LTh2NDctNHZoaM4AAgCu
CakePHP allows remote attackers to modify internal Cake cache and execute arbitrary code
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS1yN3A2LWZyM3gtcjg3N84AAfus
CakePHP 1.3.7 allows remote attackers to obtain sensitive information via a direct request to a .php file
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS01OTY0LXBxOHItNHE2Ms4AAfIB
CakePHP allows remote attackers to read arbitrary files via XML data containing external entity references
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS01NTZxLWg0dnItcGdoMs4AAV_g
CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS1qOHAzLThtNjktMmhxcc4AAVTw
CakePHP allows remote attackers to spoof their IP
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS1ydzczLXhtcHYtajV4Ms2NbQ
CakePHP directory traversal vulnerability allows remote attackers to read arbitrary files
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS12YzI5LW12d3Ytd3Bjcc2KDg
Cross-site scripting (XSS) vulnerability in CakePHP
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: 12 months ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozM2otZmcyZy1tY3Yy
Cross-Site Request Forgery in CakePHP
High
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFocngtaGNtNi1wbXJ3
Unsafe deserialization in SmtpTransport in CakePHP