Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
codeigniter codeigniter vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-25091
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in application/modules/vendor/views/add_product.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
4.3
CVSSv2
CVE-2020-25092
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in _parts/header.php, within application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
4.3
CVSSv2
CVE-2020-25093
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in blog.php. within application/views/templates/clothesshop, application/views/templates/onepage, and application/views/templates/redlabel.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
4.3
CVSSv2
CVE-2020-25088
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
4.3
CVSSv2
CVE-2022-26624
Bootstrap v3.1.11 and v3.3.7 exists to contain a cross-site scripting (XSS) vulnerability via the Title parameter in /vendor/views/add_product.php.
Ecommerce Codeigniter Bootstrap Project Ecommerce Codeigniter Bootstrap -
1 Github repository
NA
CVE-2023-23010
Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows malicious users to execute arbitrary code via the languages and trans_load parameters in file add_product.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
4.3
CVSSv2
CVE-2021-40975
Cross-site scripting (XSS) vulnerability in application/modules/admin/views/ecommerce/products.php in Ecommerce-CodeIgniter-Bootstrap (Codeigniter 3.1.11, Bootstrap 3.3.7) allows remote malicious users to inject arbitrary web script or HTML via the search_title parameter.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap -
NA
CVE-2022-35213
Ecommerce-CodeIgniter-Bootstrap before commit 56465f exists to contain a cross-site scripting (XSS) vulnerability via the function base_url() at /blog/blogpublish.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
2 Github repositories
7.5
CVSSv2
CVE-2014-8684
CodeIgniter prior to 3.0 and Kohana 3.2.3 and previous versions and 3.3.x up to and including 3.3.2 make it easier for remote malicious users to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators t...
Kohanaframework Kohana 3.3.0
Kohanaframework Kohana 3.3.1
Kohanaframework Kohana 3.2.3
Codeigniter Codeigniter
1 EDB exploit
NA
CVE-2023-27580
CodeIgniter Shield provides authentication and authorization for the CodeIgniter 4 PHP framework. An improper implementation was found in the password storage process. All hashed passwords stored in Shield v1.0.0-beta.3 or earlier are easier to crack than expected due to the vuln...
Codeigniter Shield 1.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »