Cakefoundation Cakephp
2 CVEs affecting Cakefoundation Cakephp. Latest disclosed: 2012-10-09. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2012-4399 | High | 7.5 | 2012-10-09 | The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 allows remote attackers to read arbitrary files via XML data containing external entity refe… |
CVE-2010-4335 | | 2011-01-14 | The _validatePost function in libs/controller/components/security.php in CakePHP 1.3.x through 1.3.5 and 1.2.8 allows remote attackers to modify the internal C… |