StatCounter

Tuesday, December 16, 2008

CakePHP security issue - even in thechaw.com (written by core dev)

CakePHP security issue



Recently I have stumbled upon thechaw.com--written by CakePHP core dev and developed in CakePHP. I just wanted to check if they have fixed the old security issue in CakePHP and found that the issue is still open.

Proof of concept


CakePHP Security Issue

CakePHP memory error



In another time, found a famous memory error even in bakery.cakephp.org

CakePHP memory error

Bottom line



CakePHP is open source and so you can fix these issues by yourself

No comments: