CVEs-PoC/2012/CVE-2012-4399.md at fb72866abda7b3c768cede9c8bc9e7764567e5d7

mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 18:42:46 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 allows remote attackers to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.

POC

Reference

http://seclists.org/bugtraq/2012/Jul/101
http://www.exploit-db.com/exploits/19863

Github

No PoCs found on GitHub currently.

732 B Raw Blame History

CVE-2012-4399

Description

POC

Reference

Github

732 B

Raw Blame History