17 matches found
EUVD-2022-4314
Malicious code in bioql PyPI...
EUVD-2022-5242
Malicious code in bioql PyPI...
EUVD-2022-5124
Malicious code in bioql PyPI...
EUVD-2022-5330
Malicious code in bioql PyPI...
EUVD-2022-2499
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-22727
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CakePHP is a development framework for PHP web apps. In affected versions the Cake\Database\Query::limit and Cake\Database\Query::offset methods are vulnerable ...
CVE-2019-11458
An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction...
CVE-2011-3712
CakePHP 1.3.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by dispatcher.php and certain other files...
CVE-2020-15400
CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS...
CakePHP Security Bypass Vulnerability (CNVD-2017-01244)
CakePHP is an open-source, MVC-based web development framework from the Cake Software Foundation (United States). The framework offers flexible view caching, automatic generation of CRUD code, and other features. A security vulnerability exists in the 'clientIp' function in CakePHP 3.2.4...
CVE-2015-8379
CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the method parameter...
CakePHP 1.1.20 Local File Inclusion Vulnerability
CakePHP 1.1.20 Local File Inclusion Vulnerability. Discovered by Cru3l.b0y, WwW.DeltaHacking.Net. AUTHOR : Cru3l.b0y APPLICATION : CakePHP...
CakePHP 1.1.20 Local File Inclusion
CakePHP 1.1.20 Local File Inclusion Vulnerability. Discovered by Cru3l.b0y, WwW.DeltaHacking.Net. AUTHOR : Cru3l.b0y...
CVE-2006-5031
Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with "%00" and a .js filename...
PT-2006-5772 · Cakephp · Cakephp
Name of the Vulnerable Software and Affected Versions: CakePHP versions prior to 1.1.8.3544. Description: The issue allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with %00 and a .js filename. This is a directory traversal...
CakePHP 1.1.7.3363 - Vendors.php Directory Traversal
CakePHP 1.1.7.3363 - Vendors.php Directory Traversal source: https://www.securityfocus.com/bid/20150/info CakePHP is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from...
CVE-2006-4067
Cross-site scripting (XSS) vulnerability in cake/libs/error.php in CakePHP before 1.1.7.3363 allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected back in a 404 "Not Found" error page. NOTE: some of these details are obtained from third party information...