Skip to main content

CakePHP security issue - even in thechaw.com (written by core dev)

CakePHP security issue



Recently I have stumbled upon thechaw.com--written by CakePHP core dev and developed in CakePHP. I just wanted to check if they have fixed the old security issue in CakePHP and found that the issue is still open.

Proof of concept


CakePHP Security Issue

CakePHP memory error



In another time, found a famous memory error even in bakery.cakephp.org

CakePHP memory error

Bottom line



CakePHP is open source and so you can fix these issues by yourself
Labels:

Comments

Post a Comment

Popular posts from this blog

Using Sodexo Meal Pass Card in BigBasket.com - How-to

How to Use Sodexo Meal Pass Card in Bigbasket.com Sodexo started to issue Smart Card similar to Credit Card--instead of their usual paper based vouchers.

I was using Sodexo vouchers for longtime, but it was a big letdown when I can't get some of my unused vouchers renewed. And so, I was somehow happy with their new Meal Pass Card. But, again, it was a big letdown as I can't use it with BigBasket--where I usually use most of my meal coupon vouchers.
SMS message from Sodexo on December 20, 2017 1:18 PM came as a big surprise, as I was waiting for this for longtime:
Great News! Pay with your Sodexo Meal Card for food items ordered from Big Basket. Choose Sodexo in the payment section & pay on delivery.

And so, this month, I tried to use my Sodexo Meal Pass Card in BigBasket.

BigBasket website had not much information; I thought that I have to swipe my Meal Pass Card. Delivery person also didn't have much information; initially he was rejecting my Card! I tried to contact …
Post a Comment
Read more

Technology prediction for 2018

Bubbles of bitcoin, blockchain, machine learning, deep learning, artificial intelligence and more

People usually appreciate me for my predictions on technologies. As I already noted our team will quickly hit the edge case for any use cases and that's supposed to be the reason for my better prediction rate. And so, here are my predictions…
Bitcoin bubble When Bitcoin became talk of the town/industry, I informed my boss and colleagues that I find no real use case for this digital currency--except in underground markets like drugs, etc. In fiat currencies, there is at least a way to take legal route, in case, if you've transferred the money and not received the goods. But, in Bitcoin, this is not possible at all as it is not a legal currency. So, if there is no trust, the chances that other person can cheat you by not sending the goods and or not transferring bitcoins after receiving goods.
My stand above vindicated by the article Ten years in, nobody has come up with a use for …
Post a Comment
Read more

Comparison and review of MacBook cases and brands

Of late, I have worked on the development of AppleOnly.in, a website that sells cases, sleeves, covers, bags, etc for Apple MacBook Air/Pro, iPhone, etc. Because of that, people started to ask questions about cases and their reviews. I'll try to summarize my answers here:

i-Blason Vs iBenzer -- what is the premium brand and why?
Both i-Blason and iBenzer are from the USA. Hence, both are priced around Rs.3,000/- to Rs.8,000/- i-Blason is relatively an established brand (and so, they're popular in social media)iBenzer is relatively new compared to i-Blason. But, cost wise and quality wise, iBenzer is much superior to i-Blason. For example, Hexpact by iBenzer is an award winning design at the CESAt AppleOnly.in, we have not received a single return and complaints for iBenzer. But, many times, we have received complaints and returns from customers for i-Blason.
What MacBook Pro/Air case would you recommend and why? I would personally recommend iBenzer cases without any doubt.

Hexp…
Post a Comment
Read more