Debian Cakephp vulnerabilities

CVE-2026-23643 [MEDIUM] CVE-2026-23643: cakephp - CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitCont... CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl() method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1. Scope: local bullseye: resolved

CVE-2023-22727 [CRITICAL] CVE-2023-22727: cakephp - CakePHP is a development framework for PHP web apps. In affected versions the `C... CakePHP is a development framework for PHP web apps. In affected versions the `Cake\Database\Query::limit()` and `Cake\Database\Query::offset()` methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to upgrade. Users unable to upgrade may mitigate this issue by usi

CVE-2020-15400 [MEDIUM] CVE-2020-15400: cakephp - CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely ex... CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS. Scope: local bullseye: open

CVE-2020-35239 [HIGH] CVE-2020-35239: cakephp - A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The CsrfProtecti... A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The CsrfProtectionMiddleware component allows method override parameters to bypass CSRF checks by changing the HTTP request method to an arbitrary string that is not in the list of request methods that CakePHP checks. Additionally, the route middleware does not verify that this overriden method (which c

CVE-2019-11458 [HIGH] CVE-2019-11458: cakephp - An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized objec... An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction. Scope: local bullseye: resolved

CVE-2016-4793 [HIGH] CVE-2016-4793: cakephp - The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to sp... The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to spoof their IP via the CLIENT-IP HTTP header. Scope: local bullseye: resolved (fixed in 2.8.3-1)

CVE-2015-8379 [HIGH] CVE-2015-8379: cakephp - CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF... CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the _method parameter. Scope: local bullseye: resolved (fixed in 2.8.0-1)

CVE-2012-4399 [HIGH] CVE-2012-4399: cakephp - The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 allows remote... The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 allows remote attackers to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack. Scope: local bullseye: resolved

CVE-2010-4335 [HIGH] CVE-2010-4335: cakephp - The _validatePost function in libs/controller/components/security.php in CakePHP... The _validatePost function in libs/controller/components/security.php in CakePHP 1.3.x through 1.3.5 and 1.2.8 allows remote attackers to modify the internal Cake cache and execute arbitrary code via a crafted data[_Token][fields] value that is processed by the unserialize function, as demonstrated by modifying the file_map cache to execute arbitrary local files. Scop

CVE-2006-4067 [MEDIUM] CVE-2006-4067: cakephp - Cross-site scripting (XSS) vulnerability in cake/libs/error.php in CakePHP befor... Cross-site scripting (XSS) vulnerability in cake/libs/error.php in CakePHP before 1.1.7.3363 allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected back in a 404 ("Not Found") error page. NOTE: some of these details are obtained from third party information. Scope: local bullseye: resolved (fixed in 1.1.13.4450-1)

CVE-2006-5031 [MEDIUM] CVE-2006-5031: cakephp - Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software... Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with "%00" and a .js filename. Scope: local bullseye: resolved (fixed in 1.1.13.4450-1)