CakePHP unserialize Remote Code Execution Exploit

CakePHP is vulnerable to a file inclusion attack because of its use of the "unserialize()" function on unchecked user input. This makes it possible to inject arbitary objects into the scope.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2010-4335
Product Version: 
11.0
Released Date: 
Thursday, August 11, 2011 - 00:00