Package impact
Packagist / cakephp/cakephp
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-8379 | high | 8.8 | 8.8 | 11y ago | CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter | |||
| CVE-2016-4793 | high | 7.5 | 8.5 | 10y ago | CakePHP allows remote attackers to spoof their IP | |||
| CVE-2012-4399 | high | 7.5 | 8.5 | 14y ago | CakePHPallows remote attackers to read arbitrary files via XML data containing external entity references | |||
| CVE-2010-4335 | high | — | 8.5 | 16y ago | CakePHP allows remote attackers to modify internal Cake cache and execute arbitrary code |