| CakePHP | Number Of NVD | 11 | CRITICAL | 1 | HIGH | 6 | MEDIUM | 4 | LOW | 0 |
| URL | https://cakephp.org/ | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | It is a free and open web framework for quick PHP development. It is one of the oldest PHP frameworks and the community is very active, so a lot of necessary information is available on the Internet. It has been fully compatible with PHP8 since Version 4.2. For the 2.x series, 12 months of bug fixes and 18 months of security fixes will be made after the release of 4.0.0. The 3.x series will have 18 months of bug fixes and 36 months of security fixes after the release of 4.0.0. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://github.com/cakephp | ||
| 2 | https://bakery.cakephp.org/tags/release.html | ||
| 3 | https://bakery.cakephp.org/ | ||
| 4 | https://bakery.cakephp.org/2017/06/23/upcoming-cakephp-roadmap.html |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 11 | CakePHP 5 | 5.3.0-RC1 | Nov. 8, 2025 | Sept. 9, 2023 | 0 | 0 | 0 | 0 | |||
| 12 | CakePHP 4 | 4.5.6 | June 22, 2024 | Dec. 16, 2019 | 1 | 1 | 1 | 0 | |||
| 13 | CakePHP 3 | 5.0.1 | Sept. 29, 2023 | March 23, 2015 | May 16, 2021 | Dec. 16, 2022 | 0 | 3 | 1 | 0 | |
| 14 | CakePHP 2 | 2.10.24 | Dec. 15, 2020 | Oct. 7, 2011 | Dec. 16, 2020 | May 15, 2021 | 0 | 3 | 1 | 0 | |
| 15 | CakePHP 1 | 1.0.1.2708 | 0 | 2 | 4 | 0 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 11 |
- 4.3 |
MEDIUM | Cross-site scripting (XSS) vulnerability in cake/libs/error.php in CakePHP before 1.1.7.3363 allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected back in a 4… |
CWE-79
Cross-site Scripting |
CVE-2006-4067 |
cpe:2.3:a:cakefoundation:cakephp:1.1.5.3148:* cpe:2.3:a:cakefoundation:cakephp:1.1.4.3104:* cpe:2.3:a:cakefoundat… |
1.1.6.3264 |
2017-07-20 10:32 2006-08-10 |
Show | GitHub Exploit DB Packet Storm |