GHSA-p76f-wr22-4rv6
Suggest an improvement- Source
- https://github.com/advisories/GHSA-p76f-wr22-4rv6
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/01/GHSA-p76f-wr22-4rv6/GHSA-p76f-wr22-4rv6.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-p76f-wr22-4rv6
- Published
- 2023-01-20T23:35:01Z
- Modified
- 2024-11-29T05:41:07.154891Z
- Summary
- CakePHP vulnerable to Remote File Inclusion through View template name manipulation
- Details
-
CakePHP 2.x prior to 2.0.99, 2.1.99, 2.2.99, 2.3.99, 2.4.99, 2.5.99, 2.6.12, and 2.7.6 and 3.x prior to 3.0.15 and 3.1.4 is vulnerable to Remote File Inclusion through View template name manipulation.
- Database specific
{ "nvd_published_at": null, "cwe_ids": [], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-01-20T23:35:01Z" }- References
Affected packages
Packagist / cakephp/cakephp
Package
- Name
- cakephp/cakephp
- Purl
- pkg:composer/cakephp/cakephp
Packagist / cakephp/cakephp
Package
- Name
- cakephp/cakephp
- Purl
- pkg:composer/cakephp/cakephp
Packagist / cakephp/cakephp
Package
- Name
- cakephp/cakephp
- Purl
- pkg:composer/cakephp/cakephp
Packagist / cakephp/cakephp
Package
- Name
- cakephp/cakephp
- Purl
- pkg:composer/cakephp/cakephp
Packagist / cakephp/cakephp
Package
- Name
- cakephp/cakephp
- Purl
- pkg:composer/cakephp/cakephp
Packagist / cakephp/cakephp
Package
- Name
- cakephp/cakephp
- Purl
- pkg:composer/cakephp/cakephp
Packagist / cakephp/cakephp
Package
- Name
- cakephp/cakephp
- Purl
- pkg:composer/cakephp/cakephp
Packagist / cakephp/cakephp
Package
- Name
- cakephp/cakephp
- Purl
- pkg:composer/cakephp/cakephp
Packagist / cakephp/cakephp
Package
- Name
- cakephp/cakephp
- Purl
- pkg:composer/cakephp/cakephp
Packagist / cakephp/cakephp
Package
- Name
- cakephp/cakephp
- Purl
- pkg:composer/cakephp/cakephp