Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
codeigniter codeigniter vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23010
Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows malicious users to execute arbitrary code via the languages and trans_load parameters in file add_product.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
NA
CVE-2022-46170
CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one sessi...
Codeigniter Codeigniter
NA
CVE-2022-23556
CodeIgniter is a PHP full-stack web framework. This vulnerability may allow malicious users to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\App::$proxyIPs`. As a wor...
Codeigniter Codeigniter
NA
CVE-2022-41446
An access control issue in /Admin/dashboard.php of Record Management System using CodeIgniter v1.0 allows malicious users to access and modify user data.
Record Management System Project Record Management System -
1 Github repository
NA
CVE-2022-41445
A cross-site scripting (XSS) vulnerability in Record Management System using CodeIgniter 1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Subject page.
Teacher Record Management System Project Teacher Record Management System 1.0
1 Github repository
NA
CVE-2022-40825
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
Codeigniter Codeigniter
Codeigniter Codeigniter 3.0
NA
CVE-2022-40828
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
Codeigniter Codeigniter
Codeigniter Codeigniter 3.0
NA
CVE-2022-40829
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
Codeigniter Codeigniter
Codeigniter Codeigniter 3.0
NA
CVE-2022-40831
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
Codeigniter Codeigniter
Codeigniter Codeigniter 3.0
NA
CVE-2022-40832
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php having() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
Codeigniter Codeigniter
Codeigniter Codeigniter 3.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »