Vulnerabilities > Cakephp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-17 | CVE-2023-22727 | SQL Injection vulnerability in Cakephp CakePHP is a development framework for PHP web apps. | 9.8 |
| 2017-01-23 | CVE-2016-4793 | Improper Input Validation vulnerability in Cakephp The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to spoof their IP via the CLIENT-IP HTTP header. | 7.5 |
| 2016-01-26 | CVE-2015-8379 | Cross-Site Request Forgery (CSRF) vulnerability in Cakephp CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the _method parameter. | 8.8 |