Vulnerabilities > Cakefoundation

| Date | CVE | Vulnerability title | Description | Attack vector | Attack complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2021-01-26 | CVE-2020-35239 | Cross-Site Request Forgery (CSRF) vulnerability in Cakefoundation Cakephp | A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. | network | low complexity | cakefoundation | CWE-352 | 8.8 |
| 2020-06-30 | CVE-2020-15400 | Cross-site Scripting vulnerability in Cakefoundation Cakephp | CakePHP before 4.0.6 mishandles CSRF token generation. | network | low complexity | cakefoundation | CWE-79 | 4.3 |
| 2019-05-08 | CVE-2019-11458 | Deserialization of Untrusted Data vulnerability in Cakefoundation Cakephp 3.7.6 | An issue was discovered in SmtpTransport in CakePHP 3.7.6. | network | low complexity | cakefoundation | CWE-502 | 7.5 |
| 2012-10-09 | CVE-2012-4399 | XXE vulnerability in Cakefoundation Cakephp | The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 allows remote attackers to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack. | network | low complexity | cakefoundation | CWE-611 | 7.5 |