VDB

GCVE-110-MAGEIA-2016-44

GCVE-110-MAGEIA-2016-44
Advisory Published
Vulnetix · Advisory published February 5, 2016
CakePHP, an open-source web application framework for PHP, was vulnerable to SSRF (Server Side Request Forgery) attacks. Remote attacker can utilize it for at least DoS (Denial of Service) attacks, if the target application accepts XML as an input. It is caused by insecure design of Cake's Xml class.

Affected Products

VendorProductVersionsPlatforms
Mageiacakephp0 (affected), 1.3.21-2.mga5 (unaffected), 0 (affected), 1.3.21-2.mga5 (unaffected)
Mageiamariadb0 (affected), 10.0.24-1.mga5 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›