2 matches found
CVE-2023-22727 Database Query::offset() and limit() vulnerable to SQL injection in cakephp
CakePHP is a development framework for PHP web apps. In affected versions the Cake\Database\Query::limit and Cake\Database\Query::offset methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to...
Pivotal Software Spring Security Authentication Vulnerability
Pivotal Software Spring Security is a suite of security frameworks from Pivotal Software, Inc. that provide illustrative security protection for Spring-based applications. A security vulnerability exists in Pivotal Software Spring Security versions 4.2.x through 4.2.12 and older versions that are...