PHP Framework
CakePHP
CakePHP is an open-source web framework written in PHP. It follows the model-view-controller (MVC) approach, is modeled after the concepts of Ruby on Rails, and is distributed under the MIT License.
Severity Summary:
Critical: 1
High: 5
Medium: 5
CakePHP Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CakePHP Deserialization of Untrusted Data Vulnerability
High
CakePHP Improper Input Validation Vulnerability
High
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability
High
CakePHP Improper Input Validation Vulnerability
High
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability
High
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CakePHP Permissions Privileges and Access Controls Vulnerability
Medium
CakePHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CakePHP Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CakePHP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium