Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
codeigniter codeigniter vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-31820
An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote malicious user to execute arbitrary code via the getLangFolderForEdit method of the Languages.php component.
NA
CVE-2024-31821
SQL Injection vulnerability in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote malicious user to execute arbitrary code via the manageQuantitiesAndProcurement method of the Orders_model.php component.
NA
CVE-2024-31822
An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote malicious user to execute arbitrary code via the saveLanguageFiles method of the Languages.php component.
NA
CVE-2024-31823
An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote malicious user to execute arbitrary code via the removeSecondaryImage method of the Publish.php component.
NA
CVE-2024-29904
CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an malicious user to consume a large amount of memory on the server. Upgrade to v4.4.7 or later.
NA
CVE-2023-48707
CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. The `secretKey` value is an important key for HMAC SHA256 authentication and in affected versions was stored in the database in cleartext form. If a malicious person somehow had access to the da...
Codeigniter Shield 1.0.0
NA
CVE-2023-48708
CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. In affected versions successful login attempts are recorded with the raw tokens stored in the log table. If a malicious person somehow views the data in the log table they can obtain a raw token...
Codeigniter Shield 1.0.0
NA
CVE-2023-46240
CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As...
Codeigniter Codeigniter
NA
CVE-2023-32692
CodeIgniter is a PHP full-stack web framework. This vulnerability allows malicious users to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also v...
Codeigniter Codeigniter
NA
CVE-2023-27580
CodeIgniter Shield provides authentication and authorization for the CodeIgniter 4 PHP framework. An improper implementation was found in the password storage process. All hashed passwords stored in Shield v1.0.0-beta.3 or earlier are easier to crack than expected due to the vuln...
Codeigniter Shield 1.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »