Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Browse Security Advisories

Security Advisories for cakephp/cakephp in packagist Clear Filters

Moderate
over 2 years ago

CakePHP vulnerable to Cross-site Scripting in some development error pages GSA_kwCzR0hTQS14d2hqLXBxY2ctOHJjcs4AAxHB

packagist cakephp/cakephp
Moderate
over 2 years ago

CakePHP vulnerable to Remote File Inclusion through View template name manipulation GSA_kwCzR0hTQS1wNzZmLXdyMjItNHJ2Ns4AAxHA

packagist cakephp/cakephp
Moderate
over 2 years ago

CakePHP allows direct access of prefixed controller actions GSA_kwCzR0hTQS02aGc0LXZwNXEtNDdtd84AAxG_

packagist cakephp/cakephp
High
over 2 years ago

CakePHP vulnerable to Denial of Service attack through XML payloads GSA_kwCzR0hTQS1xNzltLWM1NDYtMmc2M84AAxG-

packagist cakephp/cakephp
Moderate
over 2 years ago

CakePHP SecurityComponent cross form submission issue GSA_kwCzR0hTQS1qOXEyLWY5cTctamhncc4AAxG9

packagist cakephp/cakephp
Moderate
over 2 years ago

CakePHP has incorrect Cross-Site Request Forgery validation GSA_kwCzR0hTQS04MjlxLXY1ZzgtaGh4Y84AAxG6

packagist cakephp/cakephp
Critical
over 2 years ago

CakePHP Database\\Query::offset() and limit() methods are vulnerable to SQL injection GSA_kwCzR0hTQS02ZzhxLXFmcHYtNTd3cM4AAxFy

packagist cakephp/database, cakephp/cakephp
High
about 3 years ago

CakePHP allows method override parameters to bypass CSRF checks GSA_kwCzR0hTQS05cGd4LXBmMzYtdzQ2cs4AAnV9

packagist cakephp/cakephp
High
about 3 years ago

CakePHP allows remote attackers to modify internal Cake cache and execute arbitrary code GSA_kwCzR0hTQS1nMnZ4LTh2NDctNHZoaM4AAgCu

packagist cakephp/cakephp
Moderate
about 3 years ago

CakePHP 1.3.7 allows remote attackers to obtain sensitive information via a direct request to a .php file GSA_kwCzR0hTQS1yN3A2LWZyM3gtcjg3N84AAfus

packagist cakephp/cakephp
High
about 3 years ago

CakePHPallows remote attackers to read arbitrary files via XML data containing external entity references GSA_kwCzR0hTQS01OTY0LXBxOHItNHE2Ms4AAfIB

packagist cakephp/cakephp
High
about 3 years ago

CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter GSA_kwCzR0hTQS01NTZxLWg0dnItcGdoMs4AAV_g

packagist cakephp/cakephp
High
about 3 years ago

CakePHP allows remote attackers to spoof their IP GSA_kwCzR0hTQS1qOHAzLThtNjktMmhxcc4AAVTw

packagist cakephp/cakephp
Moderate
over 3 years ago

CakePHP directory traversal vulnerability allows remote attackers to read arbitrary files GSA_kwCzR0hTQS1ydzczLXhtcHYtajV4Ms2NbQ

packagist cakephp/cakephp
Moderate
over 3 years ago

Cross-site scripting (XSS) vulnerability in CakePHP GSA_kwCzR0hTQS12YzI5LW12d3Ytd3Bjcc2KDg

packagist cakephp/cakephp
Moderate
over 3 years ago

Cross-Site Request Forgery in CakePHP MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozM2otZmcyZy1tY3Yy

packagist cakephp/cakephp
High
over 5 years ago

Unsafe deserialization in SmtpTransport in CakePHP MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFocngtaGNtNi1wbXJ3

packagist cakephp/cakephp

Filter by Severity

Moderate 10,084 High 8,048 Critical 3,306 Low 1,447

Filter by Ecosystem

maven 6,666 packagist 5,357 pypi 4,846 npm 4,195 go 2,803 nuget 1,702 cargo 1,067 rubygems 919 hex 37 swift 35 actions 32 pub 10

Filter by Package

moodle/moodle 418 magento/community-edition 300 typo3/cms 190 pimcore/pimcore 120 dolibarr/dolibarr 116 typo3/cms-core 111 phpmyadmin/phpmyadmin 107 drupal/core 103 magento/project-community-edition 100 microweber/microweber 99 silverstripe/framework 92 drupal/drupal 83 librenms/librenms 82 thorsten/phpmyfaq 73 symfony/symfony 69 concrete5/concrete5 65 shopware/platform 57 craftcms/cms 51 baserproject/basercms 47 shopware/core 45 mautic/core 44 nilsteampassnet/teampass 42 showdoc/showdoc 41 mantisbt/mantisbt 41 froxlor/froxlor 40 intelliants/subrion 39 snipe/snipe-it 36 zendframework/zendframework1 34 shopware/shopware 30 getgrav/grav 30 mediawiki/core 28 centreon/centreon 27 prestashop/prestashop 26 contao/core-bundle 25 getkirby/cms 24 pocketmine/pocketmine-mp 24 magento/core 24 grumpydictator/firefly-iii 23 phpoffice/phpexcel 23 zendframework/zendframework 23 simplesamlphp/simplesamlphp 23 remdex/livehelperchat 23 laravel/framework 23 tribalsystems/zenario 22 phpoffice/phpspreadsheet 21 funadmin/funadmin 20 cockpit-hq/cockpit 20 forkcms/forkcms 18 topthink/framework 18 genix/cms 18 contao/contao 18 opencart/opencart 17 francoisjacquet/rosariosis 17 ezsystems/ezpublish-kernel 17 symfony/security 17 yetiforce/yetiforce-crm 17 typo3/cms-backend 17 cakephp/cakephp 17 openmage/magento-lts 17 phpbb/phpbb 16 october/system 16 symfony/security-http 15 bolt/bolt 15 ec-cube/ec-cube 15 pimcore/admin-ui-classic-bundle 15 smarty/smarty 15 silverstripe/cms 15 phpmailer/phpmailer 14 dompdf/dompdf 14 feehi/cms 14 codeigniter4/framework 14 modx/revolution 14 impresscms/impresscms 13 admidio/admidio 13 phpmyfaq/phpmyfaq 13 elefant/cms 13 yeswiki/yeswiki 13 lavalite/cms 13 studio-42/elfinder 13 sylius/sylius 13 wwbn/avideo 12 wallabag/wallabag 12 symfony/http-foundation 12 alextselegidis/easyappointments 12 TinyMCE 11 october/october 11 pagekit/pagekit 11 tinymce/tinymce 11 yiisoft/yii2 11 tinymce 11 ezsystems/ezplatform-kernel 11 feehi/feehicms 11 leantime/leantime 11 sulu/sulu 11 nukeviet/nukeviet 11 spatie/browsershot 10 ezsystems/ezpublish-legacy 10 ssddanbrown/bookstack 10 in2code/femanager 9 bootstrap 9 twig/twig 9 statamic/cms 9 org.webjars:bootstrap 9 in2code/powermail 9 croogo/croogo 9 contao/core 9 ezsystems/ezplatform-admin-ui 9 pimcore/customer-management-framework-bundle 9 concrete5/core 9 bootstrap 9 billz/raspap-webgui 9 pterodactyl/panel 9 twbs/bootstrap 9 kevinpapst/kimai2 9 bootstrap 9 starcitizentools/citizen-skin 8 silverstripe/admin 8 codiad/codiad 8 silverstripe/graphql 8 facturascripts/facturascripts 8 october/cms 8 tecnickcom/tcpdf 8 flarum/core 8 gilacms/gila 8 joomla/joomla-cms 8 composer/composer 8 directmailteam/direct-mail 8 yiisoft/yii2-dev 7 redaxo/source 7 october/backend 7 shopxo/shopxo 7 symfony/http-kernel 7 bootstrap.sass 7 wpglobus/wpglobus 7 simplesamlphp/saml2 7 backdrop/backdrop 7 bootstrap-sass 7 passbolt/passbolt_api 7 bagisto/bagisto 6 icecoder/icecoder 6 gleez/cms 6 drupal/core-recommended 6 guzzlehttp/guzzle 6 vrana/adminer 6 typo3/cms-install 6 zoujingli/thinkadmin 6 bootstrap-sass 6 api-platform/core 6 nystudio107/craft-seomatic 6 pear/archive_tar 6 dweeves/magmi 6 yourls/yourls 6 oro/platform 6 phpseclib/phpseclib 6 woocommerce/woocommerce 5 anchorcms/anchor-cms 5 symfony/security-core 5 silverstripe/assets 5 kimai/kimai 5 illuminate/database 5 symfony/security-bundle 5 ibexa/core 5 elgg/elgg 5 limesurvey/limesurvey 5 tcg/voyager 5 bottelet/flarepoint 5 thinkcmf/thinkcmf 5 gugoan/economizzer 5 phpxmlrpc/phpxmlrpc 5 juzaweb/cms 5 adodb/adodb-php 5 ibexa/admin-ui 5 phpservermon/phpservermon 5 neos/flow 5 mautic/core-lib 5 typo3/flow 5 cachethq/cachet 5 getformwork/formwork 5 neos/neos 5 ezsystems/ezplatform 4 ckeditor/ckeditor 4 froala/wysiwyg-editor 4 league/commonmark 4 reportico-web/reportico 4 elmsln/haxcms 4 oro/commerce 4 shopware/storefront 4 wintercms/winter 4 magento/product-community-edition 4 sjbr/sr-feuser-register 4 sylius/resource-bundle 4 evolutioncms/evolution 4 typo3/html-sanitizer 4 typo3/cms-frontend 4 idno/known 4 bytefury/crater 4 processwire/processwire 4 livewire/livewire 4 codeigniter4/shield 4 pyrocms/pyrocms 4

Filter by Repository

https://github.com/cakephp/cakephp 11