Default Page Detected (CakePHP Framework)

Severity: Information

Summary#

Invicti detected the CakePHP Framework default installation page.

This issue is reported for information only. If there is any other vulnerability identified regarding this resource, Invicti will report it as a separate issue.

Classifications#

CWE-200, WASC-13, ISO27001-A.18.1.3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Invicti Security Insights

Sven Morgenroth Talks About PHP Object Injection Vulnerabilities on Paul’s Security Weekly Podcast
End of Support for PHP 5 and PHP 7.0
The Powerful Resource of PHP Stream Wrappers
Sven Morgenroth Talks About PHP Type Juggling on Paul’s Security Weekly Podcast
Detailed Explanation of PHP Type Juggling Vulnerabilities