Lucene search
GoogleOSV:GHSA-J8P3-8M69-2HQQHistoryMay 14, 2022 - 2:19 a.m.
CakePHP allows remote attackers to spoof their IP
2022-05-1402:19:19
Google
osv.dev
9
cakephp
remote attackers
spoofing
vulnerability
http header
EPSS
0.067
Percentile
93.9%
The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to spoof their IP via the CLIENT-IP HTTP header.
References
legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt
www.securityfocus.com/bid/95846
bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html
github.com/cakephp/cakephp
github.com/cakephp/cakephp/commit/908754649f70bab2b1093942e17c9a46a2fcf6c2
nvd.nist.gov/vuln/detail/CVE-2016-4793
support.citrix.com/article/CTX236992
www.exploit-db.com/exploits/39813
Related
prion
prion
Design/Logic Flaw
2017-01-23 21:59:00
cve
cve
CVE-2016-4793
2017-01-23 21:59:01
openvas
openvas
Debian: Security Advisory (DLA-835-1)
2018-01-07 00:00:00
ubuntucve
ubuntucve
CVE-2016-4793
2017-01-23 00:00:00
osv
osv
cakephp - security update
2017-02-24 00:00:00
CVE-2016-4793
2017-01-23 21:59:01
github
github
CakePHP allows remote attackers to spoof their IP
2022-05-14 02:19:19
debian
debian
[SECURITY] [DLA 835-1] cakephp security update
2017-02-24 19:41:22
cvelist
cvelist
CVE-2016-4793
2017-01-23 21:00:00
debiancve
debiancve
CVE-2016-4793
2017-01-23 21:59:01
exploitdb
exploitdb
CakePHP Framework 3.2.4 - IP Spoofing
2016-05-16 00:00:00
zdt
zdt
CakePHP Framework 3.2.4 - IP Spoofing
2016-05-16 00:00:00
nvd
nvd
CVE-2016-4793
2017-01-23 21:59:01
nessus
nessus
Debian DLA-835-1 : cakephp security update
2017-02-27 00:00:00
citrix
citrix
Citrix SD-WAN Multiple Security Updates
2020-11-09 09:09:01