VYPR

Packagist (Composer) package

cakephp/database

pkg:composer/cakephp/database

Vulnerabilities (1)

  • CVE-2023-22727Jan 17, 2023
    affected >= 4.2.0, < 4.2.12fixed 4.2.12

    CakePHP is a development framework for PHP web apps. In affected versions the `Cake\Database\Query::limit()` and `Cake\Database\Query::offset()` methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10.