Vulnerabilities > Cakefoundation

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-30	CVE-2020-15400	Cross-site Scripting vulnerability in Cakefoundation Cakephp CakePHP before 4.0.6 mishandles CSRF token generation. network low complexity cakefoundation CWE-79	4.3
2012-10-09	CVE-2012-4399	XXE vulnerability in Cakefoundation Cakephp The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 allows remote attackers to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack. network low complexity cakefoundation CWE-611	7.5

Vulnerabilities > Cakefoundation {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cakefoundation"}]}