Vulnerabilities related to codeigniter - codeigniter
CVE-2022-40826 (GCVE-0-2022-40826)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 12:28
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_having() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:bcit-ci:codeigniter:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "codeigniter", "vendor": "bcit-ci", "versions": [ { "lessThanOrEqual": "3.1.13", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-40826", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:45:27.230942Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-05T19:17:18.904Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.612Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. 
Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_having() function. Note: Multiple third parties have disputed this as not a valid vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:24:56.912617", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40826", "datePublished": "2022-10-07T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.612Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-24712 (GCVE-0-2022-24712)
Vulnerability from cvelistv5
Published
2022-02-28 16:00
Modified
2025-04-23 19:00
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Summary
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request Forgery (CSRF) protection mechanism. Users should upgrade to version 4.1.9. There are workarounds for this vulnerability, but users will still need to apply them in their own code even after upgrading to v4.1.9; otherwise, the CSRF protection may be bypassed. If auto-routing is enabled, check the request method in the controller method before processing. If auto-routing is disabled, either avoid using `$routes->add()` and instead use HTTP verbs in routes, or check the request method in the controller method before processing.
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| codeigniter4 | CodeIgniter4 | < 4.1.9 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:20:49.797Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-4v37-24gm-h554" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/blob/7dc2ece32401ebde67122f7d2460efcaee7c352e/user_guide_src/source/changelogs/v4.1.9.rst" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-24712", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-23T14:09:51.233894Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-23T19:00:10.052Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.1.9" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request Forgery (CSRF) protection mechanism. Users should upgrade to version 4.1.9. There are workarounds for this vulnerability, but users will still need to code as these after upgrading to v4.1.9. Otherwise, the CSRF protection may be bypassed. If auto-routing is enabled, check the request method in the controller method before processing. If auto-routing is disabled, either avoid using `$routes-\u003eadd()` and instead use HTTP verbs in routes; or check the request method in the controller method before processing." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-352", "description": "CWE-352: Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-28T16:00:12.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-4v37-24gm-h554" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/codeigniter4/CodeIgniter4/blob/7dc2ece32401ebde67122f7d2460efcaee7c352e/user_guide_src/source/changelogs/v4.1.9.rst" } ], "source": { "advisory": "GHSA-4v37-24gm-h554", "discovery": "UNKNOWN" }, "title": "Cross-Site Request Forgery (CSRF) Protection Bypass Vulnerability in CodeIgniter4", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-24712", "STATE": "PUBLIC", "TITLE": "Cross-Site Request Forgery (CSRF) Protection Bypass Vulnerability in CodeIgniter4" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "CodeIgniter4", "version": { "version_data": [ { "version_value": "\u003c 4.1.9" } ] } } ] }, "vendor_name": "codeigniter4" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. 
A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request Forgery (CSRF) protection mechanism. Users should upgrade to version 4.1.9. There are workarounds for this vulnerability, but users will still need to code as these after upgrading to v4.1.9. Otherwise, the CSRF protection may be bypassed. If auto-routing is enabled, check the request method in the controller method before processing. If auto-routing is disabled, either avoid using `$routes-\u003eadd()` and instead use HTTP verbs in routes; or check the request method in the controller method before processing." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-352: Cross-Site Request Forgery (CSRF)" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-4v37-24gm-h554", "refsource": "CONFIRM", "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-4v37-24gm-h554" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/blob/7dc2ece32401ebde67122f7d2460efcaee7c352e/user_guide_src/source/changelogs/v4.1.9.rst", "refsource": "MISC", "url": "https://github.com/codeigniter4/CodeIgniter4/blob/7dc2ece32401ebde67122f7d2460efcaee7c352e/user_guide_src/source/changelogs/v4.1.9.rst" } ] }, "source": { "advisory": "GHSA-4v37-24gm-h554", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24712", "datePublished": "2022-02-28T16:00:12.000Z", 
"dateReserved": "2022-02-10T00:00:00.000Z", "dateUpdated": "2025-04-23T19:00:10.052Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-1000247 (GCVE-0-2017-1000247)
Vulnerability from cvelistv5
Published
2017-11-17 04:00
Modified
2024-09-17 01:10
CWE
- n/a
Summary
British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the set_status_header() common function under Apache resulting in HTTP Header Injection flaws.
References
| URL | Tags |
|---|---|
| https://www.codeigniter.com/userguide3/changelog.html#version-3-1-4 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:00:39.906Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.codeigniter.com/userguide3/changelog.html#version-3-1-4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "dateAssigned": "2017-08-22T00:00:00", "descriptions": [ { "lang": "en", "value": "British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the set_status_header() common function under Apache resulting in HTTP Header Injection flaws." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-17T04:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.codeigniter.com/userguide3/changelog.html#version-3-1-4" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2017-08-22T17:29:33.476306", "ID": "CVE-2017-1000247", "REQUESTER": "gcaminer@flowgate.net", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the set_status_header() common function under Apache resulting in HTTP Header Injection flaws." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.codeigniter.com/userguide3/changelog.html#version-3-1-4", "refsource": "MISC", "url": "https://www.codeigniter.com/userguide3/changelog.html#version-3-1-4" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-1000247", "datePublished": "2017-11-17T04:00:00Z", "dateReserved": "2017-11-16T00:00:00Z", "dateUpdated": "2024-09-17T01:10:53.370Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-40827 (GCVE-0-2022-40827)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2025-04-09 18:23
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-40827", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-09T18:23:19.331860Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-09T18:23:28.270Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.714Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php where() function. Note: Multiple third parties have disputed this as not a valid vulnerability." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:24:10.545Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40827", "datePublished": "2022-10-07T00:00:00.000Z", "dateReserved": "2022-09-19T00:00:00.000Z", "dateUpdated": "2025-04-09T18:23:28.270Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-41344 (GCVE-0-2024-41344)
Vulnerability from cvelistv5
Published
2024-10-15 00:00
Modified
2024-10-15 19:25
CWE
- n/a
Summary
A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "codeigniter", "vendor": "codeigniter", "versions": [ { "status": "affected", "version": "3.1.13" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-41344", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-15T19:14:00.800389Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-15T19:25:10.969Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-15T18:52:33.476949", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/264" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2024-41344", "datePublished": "2024-10-15T00:00:00", "dateReserved": "2024-07-18T00:00:00", "dateUpdated": "2024-10-15T19:25:10.969Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-23556 (GCVE-0-2022-23556)
Vulnerability from cvelistv5
Published
2022-12-22 18:50
Modified
2025-04-15 14:37
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\App::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`.
References
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| codeigniter4 | CodeIgniter4 | < 4.2.11 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:43:46.542Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-23556", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-15T14:36:49.954898Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-15T14:37:02.216Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.2.11" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\\App::$proxyIPs`. 
As a workaround, do not use `$request-\u003egetIPAddress()`.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-345", "description": "CWE-345: Insufficient Verification of Data Authenticity", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T18:50:55.443Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659" } ], "source": { "advisory": "GHSA-ghw3-5qvm-3mqc", "discovery": "UNKNOWN" }, "title": "CodeIgniter is vulnerable to IP address spoofing when using proxy" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-23556", "datePublished": "2022-12-22T18:50:55.443Z", "dateReserved": "2022-01-19T21:23:53.803Z", "dateUpdated": "2025-04-15T14:37:02.216Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-40830 (GCVE-0-2022-40830)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 12:28
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "codeigniter", "vendor": "codeigniter", "versions": [ { "lessThanOrEqual": "3.1.13", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-40830", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-18T19:08:45.528803Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-18T19:15:21.322Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.554Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. 
Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:22:22.788198", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40830", "datePublished": "2022-10-07T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.554Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-10793 (GCVE-0-2020-10793)
Vulnerability from cvelistv5
Published
2020-03-23 14:12
Modified
2024-08-04 11:14
CWE
- n/a
Summary
CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post reference shows an unknown website built with the CodeIgniter framework but that CodeIgniter is not responsible for introducing this issue because the framework has never provided a login screen, nor any kind of login or user management facilities beyond a Session library. Also, another reporter indicates the issue is with a custom module/plugin to CodeIgniter, not CodeIgniter itself.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:14:15.590Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://medium.com/%40vbharad/account-takeover-via-modifying-email-id-codeigniter-framework-ca30741ad297" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://codeigniter4.github.io/userguide/extending/authentication.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2020-03-21T00:00:00", "descriptions": [ { "lang": "en", "value": "CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the \"Select Role of the User\" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post reference shows an unknown website built with the CodeIgniter framework but that CodeIgniter is not responsible for introducing this issue because the framework has never provided a login screen, nor any kind of login or user management facilities beyond a Session library. Also, another reporter indicates the issue is with a custom module/plugin to CodeIgniter, not CodeIgniter itself." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-01-20T20:09:57", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://medium.com/%40vbharad/account-takeover-via-modifying-email-id-codeigniter-framework-ca30741ad297" }, { "tags": [ "x_refsource_MISC" ], "url": "https://codeigniter4.github.io/userguide/extending/authentication.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-10793", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the \"Select Role of the User\" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post reference shows an unknown website built with the CodeIgniter framework but that CodeIgniter is not responsible for introducing this issue because the framework has never provided a login screen, nor any kind of login or user management facilities beyond a Session library. Also, another reporter indicates the issue is with a custom module/plugin to CodeIgniter, not CodeIgniter itself." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://medium.com/@vbharad/account-takeover-via-modifying-email-id-codeigniter-framework-ca30741ad297", "refsource": "MISC", "url": "https://medium.com/@vbharad/account-takeover-via-modifying-email-id-codeigniter-framework-ca30741ad297" }, { "name": "https://codeigniter4.github.io/userguide/extending/authentication.html", "refsource": "MISC", "url": "https://codeigniter4.github.io/userguide/extending/authentication.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-10793", "datePublished": "2020-03-23T14:12:20", "dateReserved": "2020-03-20T00:00:00", "dateUpdated": "2024-08-04T11:14:15.590Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-40829 (GCVE-0-2022-40829)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 12:28
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "codeigniter", "vendor": "codeigniter", "versions": [ { "lessThanOrEqual": "3.1.13", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-40829", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-18T19:16:33.537509Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-18T19:17:50.862Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.625Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. 
Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:23:02.430243", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40829", "datePublished": "2022-10-07T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.625Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-32692 (GCVE-0-2023-32692)
Vulnerability from cvelistv5
Published
2023-05-30 03:15
Modified
2025-01-10 20:38
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when an application uses Validation Placeholders. The vulnerability exists in the Validation library; validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.
References
▼ | URL | Tags |
---|---|---|
https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj | x_refsource_CONFIRM | |
https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
codeigniter4 | CodeIgniter4 |
Version: < 4.3.5 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:25:36.360Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-32692", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-10T20:38:34.423818Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-10T20:38:42.898Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.3.5" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. 
This issue is patched in version 4.3.5.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-30T03:15:01.363Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md" } ], "source": { "advisory": "GHSA-m6m8-6gq8-c9fj", "discovery": "UNKNOWN" }, "title": "Remote Code Execution Vulnerability in Validation Placeholders" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-32692", "datePublished": "2023-05-30T03:15:01.363Z", "dateReserved": "2023-05-11T16:33:45.733Z", "dateUpdated": "2025-01-10T20:38:42.898Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-46170 (GCVE-0-2022-46170)
Vulnerability from cvelistv5
Published
2022-12-22 18:58
Modified
2025-04-15 14:33
CWE
- CWE-287 - Improper Authentication
Summary
CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker obtains one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched; upgrade to version 4.2.11 or later. As a workaround, use only one session cookie.
References
▼ | URL | Tags |
---|---|---|
https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558 | x_refsource_CONFIRM | |
https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
codeigniter4 | CodeIgniter4 |
Version: < 4.2.11 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:24:03.375Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-46170", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-15T14:32:54.141561Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-15T14:33:06.620Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.2.11" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287: Improper Authentication", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T18:58:17.658Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328" } ], "source": { "advisory": "GHSA-6cq5-8cj7-g558", "discovery": "UNKNOWN" }, "title": "CodeIgniter is vulnerable to improper authentication via Session Handlers" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-46170", "datePublished": "2022-12-22T18:58:17.658Z", "dateReserved": "2022-11-28T17:27:19.998Z", "dateUpdated": "2025-04-15T14:33:06.620Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1915 (GCVE-0-2012-1915)
Vulnerability from cvelistv5
Published
2020-01-09 20:15
Modified
2024-08-06 19:17
CWE
- n/a
Summary
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() filter and perform XSS attacks.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/54620 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T19:17:27.287Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "54620", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/54620" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-07-19T00:00:00", "descriptions": [ { "lang": "en", "value": "EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-01-09T20:15:56", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "54620", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/54620" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-1915", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "54620", "refsource": "BID", "url": "http://www.securityfocus.com/bid/54620" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-1915", "datePublished": "2020-01-09T20:15:56", "dateReserved": "2012-03-26T00:00:00", "dateUpdated": "2024-08-06T19:17:27.287Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-46240 (GCVE-0-2023-46240)
Vulnerability from cvelistv5
Published
2023-10-31 15:03
Modified
2024-09-05 17:36
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Summary
CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
codeigniter4 | CodeIgniter4 |
Version: < 4.4.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:37:40.233Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563" }, { "name": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-46240", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-05T17:35:16.659348Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-05T17:36:02.600Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.4.3" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. 
As a workaround, replace `ini_set(\u0027display_errors\u0027, \u00270\u0027)` with `ini_set(\u0027display_errors\u0027, \u0027Off\u0027)` in `app/Config/Boot/production.php`." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-209", "description": "CWE-209: Generation of Error Message Containing Sensitive Information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-31T15:03:51.798Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563" }, { "name": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting", "tags": [ "x_refsource_MISC" ], "url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting" } ], "source": { "advisory": "GHSA-hwxf-qxj7-7rfj", "discovery": "UNKNOWN" }, "title": "CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-46240", "datePublished": "2023-10-31T15:03:51.798Z", "dateReserved": 
"2023-10-19T20:34:00.947Z", "dateUpdated": "2024-09-05T17:36:02.600Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2011-3719 (GCVE-0-2011-3719)
Vulnerability from cvelistv5
Published
2011-09-23 23:00
Modified
2024-09-17 02:01
CWE
- n/a
Summary
CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files.
References
▼ | URL | Tags |
---|---|---|
http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/CodeIgniter_1.7.2 | x_refsource_MISC | |
http://www.openwall.com/lists/oss-security/2011/06/27/6 | mailing-list, x_refsource_MLIST | |
http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:46:02.454Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/CodeIgniter_1.7.2" }, { "name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2011-09-23T23:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/CodeIgniter_1.7.2" }, { "name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-3719", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/CodeIgniter_1.7.2", "refsource": "MISC", "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/CodeIgniter_1.7.2" }, { "name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6" }, { "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", "refsource": "MISC", "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-3719", "datePublished": "2011-09-23T23:00:00Z", "dateReserved": "2011-09-23T00:00:00Z", "dateUpdated": "2024-09-17T02:01:19.328Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-40834 (GCVE-0-2022-40834)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 12:28
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via the or_not_like() function in system\database\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.577Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:19:16.755787", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40834", "datePublished": "2022-10-07T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.577Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-40833 (GCVE-0-2022-40833)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 12:28
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via the or_where_in() function in system\database\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2022-40833", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-20T18:14:05.745479Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:37.441Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.527Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:20:01.424878", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40833", "datePublished": "2022-10-07T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.527Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-8684 (GCVE-0-2014-8684)
Vulnerability from cvelistv5
Published
2017-09-19 19:00
Modified
2024-08-06 13:26
CWE
- n/a
Summary
CodeIgniter before 3.0, and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2, make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging the use of standard (non-constant-time) string comparison operators to compare cryptographic hashes, which exposes a timing side channel.
References
▼ | URL | Tags |
---|---|---|
https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection | x_refsource_MISC | |
http://seclists.org/fulldisclosure/2014/May/54 | mailing-list, x_refsource_FULLDISC | |
https://github.com/kohana/core/pull/492 | x_refsource_CONFIRM | |
http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:26:02.543Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection" }, { "name": "20140512 CodeIgniter \u003c= 2.1.4 and Kohana \u003c= 3.2.3, 3.3.2 - Timing Attacks and Object Injection", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2014/May/54" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/kohana/core/pull/492" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-05-12T00:00:00", "descriptions": [ { "lang": "en", "value": "CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators to compare cryptographic hashes." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-19T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection" }, { "name": "20140512 CodeIgniter \u003c= 2.1.4 and Kohana \u003c= 3.2.3, 3.3.2 - Timing Attacks and Object Injection", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2014/May/54" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/kohana/core/pull/492" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-8684", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators to compare cryptographic hashes." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection", "refsource": "MISC", "url": "https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection" }, { "name": "20140512 CodeIgniter \u003c= 2.1.4 and Kohana \u003c= 3.2.3, 3.3.2 - Timing Attacks and Object Injection", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2014/May/54" }, { "name": "https://github.com/kohana/core/pull/492", "refsource": "CONFIRM", "url": "https://github.com/kohana/core/pull/492" }, { "name": "http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-8684", "datePublished": "2017-09-19T19:00:00", "dateReserved": "2014-11-09T00:00:00", "dateUpdated": "2024-08-06T13:26:02.543Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-40828 (GCVE-0-2022-40828)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2025-04-09 18:24
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via the or_where_not_in() function in system\database\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-40828", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-09T18:23:56.231087Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-09T18:24:00.396Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.909Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:23:38.365Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40828", "datePublished": "2022-10-07T00:00:00.000Z", "dateReserved": "2022-09-19T00:00:00.000Z", "dateUpdated": "2025-04-09T18:24:00.396Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-8686 (GCVE-0-2014-8686)
Vulnerability from cvelistv5
Published
2017-09-19 19:00
Modified
2024-08-06 13:26
CWE
- n/a
Summary
CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available.
References
▼ | URL | Tags |
---|---|---|
https://beyondbinary.io/articles/seagate-nas-rce/ | x_refsource_MISC | |
http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html | x_refsource_MISC | |
https://www.dionach.com/blog/codeigniter-session-decoding-vulnerability | x_refsource_MISC | |
https://codeigniter.com/userguide2/changelog.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:26:02.447Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://beyondbinary.io/articles/seagate-nas-rce/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.dionach.com/blog/codeigniter-session-decoding-vulnerability" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://codeigniter.com/userguide2/changelog.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-05T00:00:00", "descriptions": [ { "lang": "en", "value": "CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-19T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://beyondbinary.io/articles/seagate-nas-rce/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.dionach.com/blog/codeigniter-session-decoding-vulnerability" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://codeigniter.com/userguide2/changelog.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-8686", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://beyondbinary.io/articles/seagate-nas-rce/", "refsource": "MISC", "url": "https://beyondbinary.io/articles/seagate-nas-rce/" }, { "name": "http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html" }, { "name": "https://www.dionach.com/blog/codeigniter-session-decoding-vulnerability", "refsource": "MISC", "url": "https://www.dionach.com/blog/codeigniter-session-decoding-vulnerability" }, { "name": "https://codeigniter.com/userguide2/changelog.html", "refsource": "CONFIRM", "url": "https://codeigniter.com/userguide2/changelog.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-8686", "datePublished": "2017-09-19T19:00:00", "dateReserved": "2014-11-09T00:00:00", "dateUpdated": "2024-08-06T13:26:02.447Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-40831 (GCVE-0-2022-40831)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 12:28
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.882Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php like() function. Note: Multiple third parties have disputed this as not a valid vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:21:43.519185", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40831", "datePublished": "2022-10-07T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.882Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-40835 (GCVE-0-2022-40835)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 12:28
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.681Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:17:37.371052", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40835", "datePublished": "2022-10-07T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.681Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-10131 (GCVE-0-2016-10131)
Vulnerability from cvelistv5
Published
2017-01-12 06:06
Modified
2024-08-06 03:14
CWE
- n/a
Summary
system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email->from field to insert sendmail command-line arguments.
References
▼ | URL | Tags |
---|---|---|
https://github.com/bcit-ci/CodeIgniter/pull/4966 | x_refsource_MISC | |
https://github.com/bcit-ci/CodeIgniter/issues/4963 | x_refsource_MISC | |
https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36 | x_refsource_MISC | |
http://www.securityfocus.com/bid/96851 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T03:14:41.312Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/pull/4966" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4963" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36" }, { "name": "96851", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/96851" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-01-12T00:00:00", "descriptions": [ { "lang": "en", "value": "system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email-\u003efrom field to insert sendmail command-line arguments." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-03-15T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/bcit-ci/CodeIgniter/pull/4966" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4963" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36" }, { "name": "96851", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/96851" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10131", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email-\u003efrom field to insert sendmail command-line arguments." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/bcit-ci/CodeIgniter/pull/4966", "refsource": "MISC", "url": "https://github.com/bcit-ci/CodeIgniter/pull/4966" }, { "name": "https://github.com/bcit-ci/CodeIgniter/issues/4963", "refsource": "MISC", "url": "https://github.com/bcit-ci/CodeIgniter/issues/4963" }, { "name": "https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36", "refsource": "MISC", "url": "https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36" }, { "name": "96851", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96851" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10131", "datePublished": "2017-01-12T06:06:00", "dateReserved": "2017-01-12T00:00:00", "dateUpdated": "2024-08-06T03:14:41.312Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-29904 (GCVE-0-2024-29904)
Vulnerability from cvelistv5
Published
2024-03-29 15:32
Modified
2024-08-21 22:44
CWE
- CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Summary
CodeIgniter is a PHP full-stack web framework. A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later.
References
▼ | URL | Tags |
---|---|---|
https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6 | x_refsource_CONFIRM | |
https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
codeigniter4 | CodeIgniter4 |
Version: < 4.4.7 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:17:58.591Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "codeigniter", "vendor": "codeigniter", "versions": [ { "lessThan": "4.4.7", "status": "affected", "version": "4.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-29904", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-01T20:01:34.809685Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-21T22:44:16.609Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.4.7" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later. 
\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-835", "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-29T15:32:38.686Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0" } ], "source": { "advisory": "GHSA-39fp-mqmm-gxj6", "discovery": "UNKNOWN" }, "title": "CodeIgniter4 Language class DoS Vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-29904", "datePublished": "2024-03-29T15:32:38.686Z", "dateReserved": "2024-03-21T15:12:09.000Z", "dateUpdated": "2024-08-21T22:44:16.609Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-35943 (GCVE-0-2022-35943)
Vulnerability from cvelistv5
Published
2022-08-12 20:55
Modified
2025-04-22 17:42
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Summary
Shield is an authentication and authorization framework for CodeIgniter 4. This vulnerability may allow [SameSite Attackers](https://canitakeyoursubdomain.name/) to bypass the [CodeIgniter4 CSRF protection](https://codeigniter4.github.io/userguide/libraries/security.html) mechanism with CodeIgniter Shield. For this attack to succeed, the attacker must have direct (or indirect, e.g., XSS) control over a subdomain site (e.g., `https://a.example.com/`) of the target site (e.g., `http://example.com/`). Upgrade to **CodeIgniter v4.2.3 or later** and **Shield v1.0.0-beta.2 or later**. As a workaround: set `Config\Security::$csrfProtection` to `'session'`, remove old session data right after login (immediately after ID and password match), and regenerate the CSRF token right after login (immediately after ID and password match).
References
▼ | URL | Tags |
---|---|---|
https://github.com/codeigniter4/shield/security/advisories/GHSA-5hm8-vh6r-2cjq | x_refsource_CONFIRM | |
https://codeigniter4.github.io/userguide/libraries/security.htm | x_refsource_MISC | |
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite | x_refsource_MISC | |
https://jub0bs.com/posts/2021-01-29-great-samesite-confusion | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
codeigniter4 | shield |
Version: > 4.3.2, > v1.0.0-beta.2 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:51:59.707Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-5hm8-vh6r-2cjq" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://codeigniter4.github.io/userguide/libraries/security.htm" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://jub0bs.com/posts/2021-01-29-great-samesite-confusion" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-35943", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-22T15:45:07.423965Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-22T17:42:18.166Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "shield", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003e 4.3.2, \u003e v1.0.0-beta.2" } ] } ], "descriptions": [ { "lang": "en", "value": "Shield is an authentication and authorization framework for CodeIgniter 4. This vulnerability may allow [SameSite Attackers](https://canitakeyoursubdomain.name/) to bypass the [CodeIgniter4 CSRF protection](https://codeigniter4.github.io/userguide/libraries/security.html) mechanism with CodeIgniter Shield. For this attack to succeed, the attacker must have direct (or indirect, e.g., XSS) control over a subdomain site (e.g., `https://a.example.com/`) of the target site (e.g., `http://example.com/`). 
Upgrade to **CodeIgniter v4.2.3 or later** and **Shield v1.0.0-beta.2 or later**. As a workaround: set `Config\\Security::$csrfProtection` to `\u0027session,\u0027`remove old session data right after login (immediately after ID and password match) and regenerate CSRF token right after login (immediately after ID and password match)" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-352", "description": "CWE-352: Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-12T20:55:10.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-5hm8-vh6r-2cjq" }, { "tags": [ "x_refsource_MISC" ], "url": "https://codeigniter4.github.io/userguide/libraries/security.htm" }, { "tags": [ "x_refsource_MISC" ], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite" }, { "tags": [ "x_refsource_MISC" ], "url": "https://jub0bs.com/posts/2021-01-29-great-samesite-confusion" } ], "source": { "advisory": "GHSA-5hm8-vh6r-2cjq", "discovery": "UNKNOWN" }, "title": "SameSite may allow cross-site request forgery (CSRF) protection to be bypassed", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-35943", "STATE": "PUBLIC", "TITLE": "SameSite may allow cross-site request forgery (CSRF) protection to be bypassed" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": 
"shield", "version": { "version_data": [ { "version_value": "\u003e 4.3.2, \u003e v1.0.0-beta.2" } ] } } ] }, "vendor_name": "codeigniter4" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Shield is an authentication and authorization framework for CodeIgniter 4. This vulnerability may allow [SameSite Attackers](https://canitakeyoursubdomain.name/) to bypass the [CodeIgniter4 CSRF protection](https://codeigniter4.github.io/userguide/libraries/security.html) mechanism with CodeIgniter Shield. For this attack to succeed, the attacker must have direct (or indirect, e.g., XSS) control over a subdomain site (e.g., `https://a.example.com/`) of the target site (e.g., `http://example.com/`). Upgrade to **CodeIgniter v4.2.3 or later** and **Shield v1.0.0-beta.2 or later**. As a workaround: set `Config\\Security::$csrfProtection` to `\u0027session,\u0027`remove old session data right after login (immediately after ID and password match) and regenerate CSRF token right after login (immediately after ID and password match)" } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-352: Cross-Site Request Forgery (CSRF)" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-5hm8-vh6r-2cjq", "refsource": "CONFIRM", "url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-5hm8-vh6r-2cjq" }, { "name": "https://codeigniter4.github.io/userguide/libraries/security.htm", "refsource": "MISC", "url": 
"https://codeigniter4.github.io/userguide/libraries/security.htm" }, { "name": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite", "refsource": "MISC", "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite" }, { "name": "https://jub0bs.com/posts/2021-01-29-great-samesite-confusion", "refsource": "MISC", "url": "https://jub0bs.com/posts/2021-01-29-great-samesite-confusion" } ] }, "source": { "advisory": "GHSA-5hm8-vh6r-2cjq", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-35943", "datePublished": "2022-08-12T20:55:10.000Z", "dateReserved": "2022-07-15T00:00:00.000Z", "dateUpdated": "2025-04-22T17:42:18.166Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-3706 (GCVE-0-2007-3706)
Vulnerability from cvelistv5
Published
2007-07-11 23:00
Modified
2024-08-07 14:28
CWE
- n/a
Summary
The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie.
References
▼ | URL | Tags |
---|---|---|
http://secunia.com/advisories/25991 | third-party-advisory, x_refsource_SECUNIA | |
http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html | mailing-list, x_refsource_FULLDISC | |
http://www.securityfocus.com/archive/1/473190/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://osvdb.org/37905 | vdb-entry, x_refsource_OSVDB | |
http://securityreason.com/securityalert/2877 | third-party-advisory, x_refsource_SREASON |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:28:52.070Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "25991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25991" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "37905", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/37905" }, { "name": "2877", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/2877" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-07-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "25991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25991" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "37905", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/37905" }, { "name": "2877", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/2877" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3706", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "25991", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25991" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "37905", "refsource": "OSVDB", "url": "http://osvdb.org/37905" }, { "name": "2877", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2877" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3706", "datePublished": "2007-07-11T23:00:00", "dateReserved": "2007-07-11T00:00:00", "dateUpdated": "2024-08-07T14:28:52.070Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-24013 (GCVE-0-2025-24013)
Vulnerability from cvelistv5
Published
2025-01-20 15:57
Modified
2025-01-21 14:51
CWE
- CWE-436 - Interpretation Conflict
Summary
CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper validation of header names and values. A potential attacker can construct deliberately malformed headers with the Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service's web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8.
References
▼ | URL | Tags |
---|---|---|
https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6 | x_refsource_CONFIRM | |
https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6 | x_refsource_MISC | |
https://datatracker.ietf.org/doc/html/rfc7230#section-3.2 | x_refsource_MISC | |
https://github.com/advisories/GHSA-wxmh-65f7-jcvw | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
codeigniter4 | CodeIgniter4 |
Version: < 4.5.8 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-24013", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-21T14:50:53.085014Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-21T14:51:01.754Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.5.8" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service\u2019s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-436", "description": "CWE-436: Interpretation Conflict", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-20T15:58:32.110Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6" }, { "name": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2", "tags": [ "x_refsource_MISC" ], "url": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2" }, { "name": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw" } ], "source": { "advisory": "GHSA-x5mq-jjr3-vmx6", "discovery": "UNKNOWN" }, "title": "CodeIgniter validation of header name and value" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-24013", "datePublished": "2025-01-20T15:57:37.975Z", "dateReserved": "2025-01-16T17:31:06.458Z", "dateUpdated": "2025-01-21T14:51:01.754Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-3708 (GCVE-0-2007-3708)
Vulnerability from cvelistv5
Published
2007-07-11 23:00
Modified
2024-08-07 14:28
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attackers to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag manipulations in an unspecified component, related to insufficient sanitization by the xss_clean function.
References
▼ | URL | Tags |
---|---|---|
http://osvdb.org/37907 | vdb-entry, x_refsource_OSVDB | |
http://secunia.com/advisories/25991 | third-party-advisory, x_refsource_SECUNIA | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/35350 | vdb-entry, x_refsource_XF | |
http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html | mailing-list, x_refsource_FULLDISC | |
http://www.securityfocus.com/archive/1/473190/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://securityreason.com/securityalert/2877 | third-party-advisory, x_refsource_SREASON |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:28:52.188Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "37907", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/37907" }, { "name": "25991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25991" }, { "name": "codeigniter-xssclean-xss(35350)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35350" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "2877", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/2877" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-07-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attackers to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag manipulations in an unspecified component, related to insufficient sanitization by the xss_clean function." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "37907", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/37907" }, { "name": "25991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25991" }, { "name": "codeigniter-xssclean-xss(35350)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35350" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "2877", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/2877" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3708", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attackers to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag manipulations in an unspecified component, related to insufficient sanitization by the xss_clean function." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "37907", "refsource": "OSVDB", "url": "http://osvdb.org/37907" }, { "name": "25991", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25991" }, { "name": "codeigniter-xssclean-xss(35350)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35350" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "2877", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2877" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3708", "datePublished": "2007-07-11T23:00:00", "dateReserved": "2007-07-11T00:00:00", "dateUpdated": "2024-08-07T14:28:52.188Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-21647 (GCVE-0-2022-21647)
Vulnerability from cvelistv5
Published
2022-01-04 20:05
Modified
2025-04-23 19:14
CWE
- CWE-502 - Deserialization of Untrusted Data
Summary
CodeIgniter is an open source PHP full-stack web framework. Deserialization of untrusted data was found in the `old()` function in CodeIgniter4. Remote attackers may inject arbitrary auto-loadable objects through this flaw and possibly execute existing PHP code on the server; the maintainers are aware of a working exploit that leads to SQL injection. Users are advised to upgrade to v4.1.6 or later. Users unable to upgrade are advised not to use the `old()` function or the form_helper, nor `RedirectResponse::withInput()` and `redirect()->withInput()`.
References
▼ | URL | Tags |
---|---|---|
https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-w6jr-wj64-mc9x | x_refsource_CONFIRM | |
https://github.com/codeigniter4/CodeIgniter4/commit/ce95ed5765256e2f09f3513e7d42790e0d6948f5 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
codeigniter4 | CodeIgniter4 |
Version: < 4.1.6 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:46:39.441Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-w6jr-wj64-mc9x" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/ce95ed5765256e2f09f3513e7d42790e0d6948f5" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-21647", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-23T14:12:44.335893Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-23T19:14:59.823Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.1.6" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter is an open source PHP full-stack web framework. Deserialization of Untrusted Data was found in the `old()` function in CodeIgniter4. Remote attackers may inject auto-loadable arbitrary objects with this vulnerability, and possibly execute existing PHP code on the server. We are aware of a working exploit, which can lead to SQL injection. Users are advised to upgrade to v4.1.6 or later. Users unable to upgrade as advised to not use the `old()` function and form_helper nor `RedirectResponse::withInput()` and `redirect()-\u003ewithInput()`." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-01-04T20:05:11.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-w6jr-wj64-mc9x" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/ce95ed5765256e2f09f3513e7d42790e0d6948f5" } ], "source": { "advisory": "GHSA-w6jr-wj64-mc9x", "discovery": "UNKNOWN" }, "title": "Deserialization of Untrusted Data in Codeigniter4", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-21647", "STATE": "PUBLIC", "TITLE": "Deserialization of Untrusted Data in Codeigniter4" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "CodeIgniter4", "version": { "version_data": [ { "version_value": "\u003c 4.1.6" } ] } } ] }, "vendor_name": "codeigniter4" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CodeIgniter is an open source PHP full-stack web framework. Deserialization of Untrusted Data was found in the `old()` function in CodeIgniter4. Remote attackers may inject auto-loadable arbitrary objects with this vulnerability, and possibly execute existing PHP code on the server. 
We are aware of a working exploit, which can lead to SQL injection. Users are advised to upgrade to v4.1.6 or later. Users unable to upgrade as advised to not use the `old()` function and form_helper nor `RedirectResponse::withInput()` and `redirect()-\u003ewithInput()`." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-502: Deserialization of Untrusted Data" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-w6jr-wj64-mc9x", "refsource": "CONFIRM", "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-w6jr-wj64-mc9x" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/ce95ed5765256e2f09f3513e7d42790e0d6948f5", "refsource": "MISC", "url": "https://github.com/codeigniter4/CodeIgniter4/commit/ce95ed5765256e2f09f3513e7d42790e0d6948f5" } ] }, "source": { "advisory": "GHSA-w6jr-wj64-mc9x", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-21647", "datePublished": "2022-01-04T20:05:11.000Z", "dateReserved": "2021-11-16T00:00:00.000Z", "dateUpdated": "2025-04-23T19:14:59.823Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-40832 (GCVE-0-2022-40832)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 12:28
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is reported to be vulnerable to SQL Injection via the having() function in system\database\DB_query_builder.php. Note: multiple third parties have disputed this as not being a valid vulnerability (see the linked bcit-ci/CodeIgniter issue #6161); the CNA record carries a "disputed" tag and lists vendor, product and version as "n/a", so the <=3.1.13 range appears only in the description text.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.560Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php having() function. Note: Multiple third parties have disputed this as not a valid vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:20:57.690522", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40832", "datePublished": "2022-10-07T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.560Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2013-4891 (GCVE-0-2013-4891)
Vulnerability from cvelistv5
Published
2018-02-21 16:00
Modified
2024-08-06 16:59
CWE
- n/a
Summary
The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass the intended XSS filtering and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag (details in the linked nealpoole.com filter-bypass write-up; the fix is in 2.1.4).
References
▼ | URL | Tags |
---|---|---|
https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass/ | x_refsource_MISC | |
https://github.com/bcit-ci/CodeIgniter/issues/4020 | x_refsource_CONFIRM | |
https://www.codeigniter.com/userguide2/changelog.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T16:59:41.043Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4020" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.codeigniter.com/userguide2/changelog.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-07-23T00:00:00", "descriptions": [ { "lang": "en", "value": "The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-02-21T15:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4020" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.codeigniter.com/userguide2/changelog.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-4891", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { 
"lang": "eng", "value": "The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass/", "refsource": "MISC", "url": "https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass/" }, { "name": "https://github.com/bcit-ci/CodeIgniter/issues/4020", "refsource": "CONFIRM", "url": "https://github.com/bcit-ci/CodeIgniter/issues/4020" }, { "name": "https://www.codeigniter.com/userguide2/changelog.html", "refsource": "CONFIRM", "url": "https://www.codeigniter.com/userguide2/changelog.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-4891", "datePublished": "2018-02-21T16:00:00", "dateReserved": "2013-07-24T00:00:00", "dateUpdated": "2024-08-06T16:59:41.043Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-40824 (GCVE-0-2022-40824)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 12:28
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is reported to be vulnerable to SQL Injection via the or_where() function in system\database\DB_query_builder.php. Note: multiple third parties have disputed this as not being a valid vulnerability (see the linked bcit-ci/CodeIgniter issue #6161) and the CNA record carries a "disputed" tag with vendor, product and version listed as "n/a"; nevertheless the CISA ADP container assigns CVSS 3.1 9.8 (CRITICAL) and CWE-89 against bcit-ci:codeigniter <=3.1.13, so weigh that score against the dispute before prioritizing remediation.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:bcit-ci:codeigniter:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "codeigniter", "vendor": "bcit-ci", "versions": [ { "lessThanOrEqual": "3.1.13", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-40824", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:40:35.376409Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-05T19:16:34.316Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.555Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. 
Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_where() function. Note: Multiple third parties have disputed this as not a valid vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:27:08.768964", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40824", "datePublished": "2022-10-07T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.555Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-40825 (GCVE-0-2022-40825)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 12:28
CWE
- n/a
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is reported to be vulnerable to SQL Injection via the where_in() function in system\database\DB_query_builder.php. Note: multiple third parties have disputed this as not being a valid vulnerability (see the linked bcit-ci/CodeIgniter issue #6161); the CNA record carries a "disputed" tag and lists vendor, product and version as "n/a", so the <=3.1.13 range appears only in the description text.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.579Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-17T20:26:23.088093", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40825", "datePublished": "2022-10-07T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.579Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-39284 (GCVE-0-2022-39284)
Vulnerability from cvelistv5
Published
2022-10-06 00:00
Modified
2025-04-22 17:19
CWE
- CWE-665 - Improper Initialization
Summary
CodeIgniter is a PHP full-stack web framework. In versions prior to 4.2.7, setting `$secure` or `$httponly` to `true` in `Config\Cookie` is not reflected in cookies issued via `set_cookie()` or `Response::setCookie()`. As a result those cookies are sent without the HttpOnly flag (exposing their values to client-side scripts) and without the Secure flag. This does not affect session cookies. Users are advised to upgrade to v4.2.7 or later. Users unable to upgrade are advised to construct their cookies manually, either by setting the options explicitly in code or by constructing Cookie objects; examples of each workaround are available in the linked GHSA.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
codeigniter4 | CodeIgniter4 |
Version: < 4.2.7 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:00:43.631Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-745p-r637-7vvp" }, { "tags": [ "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/issues/6540" }, { "tags": [ "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/pull/6544" }, { "tags": [ "x_transferred" ], "url": "https://codeigniter4.github.io/userguide/helpers/cookie_helper.html#set_cookie" }, { "tags": [ "x_transferred" ], "url": "https://codeigniter4.github.io/userguide/outgoing/response.html#CodeIgniter%5CHTTP%5CResponse::setCookie" }, { "tags": [ "x_transferred" ], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-39284", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-22T15:43:55.091660Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-22T17:19:34.229Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.2.7" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. In versions prior to 4.2.7 setting `$secure` or `$httponly` value to `true` in `Config\\Cookie` is not reflected in `set_cookie()` or `Response::setCookie()`. As a result cookie values are erroneously exposed to scripts. It should be noted that this vulnerability does not affect session cookies. Users are advised to upgrade to v4.2.7 or later. 
Users unable to upgrade are advised to manually construct their cookies either by setting the options in code or by constructing Cookie objects. Examples of each workaround are available in the linked GHSA." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-665", "description": "CWE-665: Improper Initialization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-11T00:00:00.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-745p-r637-7vvp" }, { "url": "https://github.com/codeigniter4/CodeIgniter4/issues/6540" }, { "url": "https://github.com/codeigniter4/CodeIgniter4/pull/6544" }, { "url": "https://codeigniter4.github.io/userguide/helpers/cookie_helper.html#set_cookie" }, { "url": "https://codeigniter4.github.io/userguide/outgoing/response.html#CodeIgniter%5CHTTP%5CResponse::setCookie" }, { "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies" } ], "source": { "advisory": "GHSA-745p-r637-7vvp", "discovery": "UNKNOWN" }, "title": "Secure or HttpOnly flag set in Config\\Cookie is not reflected in Cookies issued in Codeigniter4" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-39284", "datePublished": "2022-10-06T00:00:00.000Z", "dateReserved": "2022-09-02T00:00:00.000Z", "dateUpdated": "2025-04-22T17:19:34.229Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-3709 (GCVE-0-2007-3709)
Vulnerability from cvelistv5
Published
2007-07-11 23:00
Modified
2024-08-07 14:28
CWE
- n/a
Summary
CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in an unspecified parameter, as demonstrated by a Set-Cookie header.
References
▼ | URL | Tags |
---|---|---|
http://osvdb.org/39370 | vdb-entry, x_refsource_OSVDB | |
http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html | mailing-list, x_refsource_FULLDISC | |
http://www.securityfocus.com/archive/1/473190/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://securityreason.com/securityalert/2877 | third-party-advisory, x_refsource_SREASON |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:28:51.952Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39370", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/39370" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "2877", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/2877" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-07-08T00:00:00", "descriptions": [ { "lang": "en", "value": "CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in an unspecified parameter, as demonstrated by a Set-Cookie header." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "39370", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/39370" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "2877", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/2877" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3709", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in an unspecified parameter, as demonstrated by a Set-Cookie header." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "39370", "refsource": "OSVDB", "url": "http://osvdb.org/39370" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "2877", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2877" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3709", "datePublished": "2007-07-11T23:00:00", "dateReserved": "2007-07-11T00:00:00", "dateUpdated": "2024-08-07T14:28:51.952Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-12071 (GCVE-0-2018-12071)
Vulnerability from cvelistv5
Published
2018-06-17 20:00
Modified
2025-06-09 05:46
CWE
- n/a
Summary
A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T08:24:03.666Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.codeigniter.com/user_guide/changelog.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-06-17T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2025-06-09T05:46:40.328Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.codeigniter.com/user_guide/changelog.html" }, { "url": "https://github.com/bcit-ci/CodeIgniter/commit/800a20d6c4662d99ae0988b2f8f2238bb8bb29db" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12071", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.codeigniter.com/user_guide/changelog.html", "refsource": "CONFIRM", "url": "https://www.codeigniter.com/user_guide/changelog.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-12071", "datePublished": "2018-06-17T20:00:00.000Z", "dateReserved": "2018-06-08T00:00:00.000Z", "dateUpdated": "2025-06-09T05:46:40.328Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-21715 (GCVE-0-2022-21715)
Vulnerability from cvelistv5
Published
2022-01-24 19:55
Modified
2025-04-23 19:09
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A cross-site scripting (XSS) vulnerability was found in `API\ResponseTrait` in Codeigniter4 prior to version 4.1.8. Attackers can perform XSS attacks if a potential victim is using `API\ResponseTrait`. Version 4.1.8 contains a patch for this vulnerability. There are two potential workarounds available: users may avoid using `API\ResponseTrait` or `ResourceController`, or users may disable Auto Route and use defined routes only.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
codeigniter4 | CodeIgniter4 |
Version: < 4.1.8 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:53:35.389Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-7528-7jg5-6g62" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/70d881cf5322b7c32e69516aebd2273ac6a1e8dd" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://codeigniter4.github.io/userguide/incoming/routing.html#use-defined-routes-only" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-21715", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-23T14:11:39.225722Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-23T19:09:30.971Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.1.8" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A cross-site scripting (XSS) vulnerability was found in `API\\ResponseTrait` in Codeigniter4 prior to version 4.1.8. Attackers can do XSS attacks if a potential victim is using `API\\ResponseTrait`. Version 4.1.8 contains a patch for this vulnerability. There are two potential workarounds available. Users may avoid using `API\\ResponseTrait` or `ResourceController` Users may also disable Auto Route and use defined routes only." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-01-24T19:55:10.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-7528-7jg5-6g62" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/70d881cf5322b7c32e69516aebd2273ac6a1e8dd" }, { "tags": [ "x_refsource_MISC" ], "url": "https://codeigniter4.github.io/userguide/incoming/routing.html#use-defined-routes-only" } ], "source": { "advisory": "GHSA-7528-7jg5-6g62", "discovery": "UNKNOWN" }, "title": "Cross-site Scripting Vulnerability in CodeIgniter4", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-21715", "STATE": "PUBLIC", "TITLE": "Cross-site Scripting Vulnerability in CodeIgniter4" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "CodeIgniter4", "version": { "version_data": [ { "version_value": "\u003c 4.1.8" } ] } } ] }, "vendor_name": "codeigniter4" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. 
A cross-site scripting (XSS) vulnerability was found in `API\\ResponseTrait` in Codeigniter4 prior to version 4.1.8. Attackers can do XSS attacks if a potential victim is using `API\\ResponseTrait`. Version 4.1.8 contains a patch for this vulnerability. There are two potential workarounds available. Users may avoid using `API\\ResponseTrait` or `ResourceController` Users may also disable Auto Route and use defined routes only." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-7528-7jg5-6g62", "refsource": "CONFIRM", "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-7528-7jg5-6g62" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/70d881cf5322b7c32e69516aebd2273ac6a1e8dd", "refsource": "MISC", "url": "https://github.com/codeigniter4/CodeIgniter4/commit/70d881cf5322b7c32e69516aebd2273ac6a1e8dd" }, { "name": "https://codeigniter4.github.io/userguide/incoming/routing.html#use-defined-routes-only", "refsource": "MISC", "url": "https://codeigniter4.github.io/userguide/incoming/routing.html#use-defined-routes-only" } ] }, "source": { "advisory": "GHSA-7528-7jg5-6g62", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-21715", "datePublished": "2022-01-24T19:55:10.000Z", 
"dateReserved": "2021-11-16T00:00:00.000Z", "dateUpdated": "2025-04-23T19:09:30.971Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-3707 (GCVE-0-2007-3707)
Vulnerability from cvelistv5
Published
2007-07-11 23:00
Modified
2024-08-07 14:28
CWE
- n/a
Summary
Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 before 20070628, when enable_query_strings is true, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter.
References
▼ | URL | Tags |
---|---|---|
http://secunia.com/advisories/25991 | third-party-advisory, x_refsource_SECUNIA | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/35348 | vdb-entry, x_refsource_XF | |
http://osvdb.org/37906 | vdb-entry, x_refsource_OSVDB | |
http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html | mailing-list, x_refsource_FULLDISC | |
http://www.securityfocus.com/archive/1/473190/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://securityreason.com/securityalert/2877 | third-party-advisory, x_refsource_SREASON |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:28:52.230Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "25991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25991" }, { "name": "codeigniter-index-directory-traversal(35348)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35348" }, { "name": "37906", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/37906" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "2877", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/2877" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-07-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 before 20070628, when enable_query_strings is true, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "25991", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25991" }, { "name": "codeigniter-index-directory-traversal(35348)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35348" }, { "name": "37906", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/37906" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "2877", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/2877" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3707", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 before 20070628, when enable_query_strings is true, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "25991", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25991" }, { "name": "codeigniter-index-directory-traversal(35348)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35348" }, { "name": "37906", "refsource": "OSVDB", "url": "http://osvdb.org/37906" }, { "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "name": "2877", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2877" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3707", "datePublished": "2007-07-11T23:00:00", "dateReserved": "2007-07-11T00:00:00", "dateUpdated": "2024-08-07T14:28:52.230Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-24711 (GCVE-0-2022-24711)
Vulnerability from cvelistv5
Published
2022-02-28 15:45
Modified
2025-04-23 19:00
CWE
- CWE-20 - Improper Input Validation
Summary
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP request. Version 4.1.9 contains a patch. There are currently no known workarounds for this vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-xjp4-6w75-qrj7 | x_refsource_CONFIRM | |
https://github.com/codeigniter4/CodeIgniter4/commit/202f41ad522ba1d414b9d9c35aba1cb0c156b781 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
codeigniter4 | CodeIgniter4 |
Version: < 4.1.9 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:20:49.801Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-xjp4-6w75-qrj7" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/202f41ad522ba1d414b9d9c35aba1cb0c156b781" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-24711", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-23T15:57:13.222349Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-23T19:00:16.255Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.1.9" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP request. Version 4.1.9 contains a patch. There are currently no known workarounds for this vulnerability." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.4, "baseSeverity": "CRITICAL", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-28T15:45:11.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-xjp4-6w75-qrj7" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/202f41ad522ba1d414b9d9c35aba1cb0c156b781" } ], "source": { "advisory": "GHSA-xjp4-6w75-qrj7", "discovery": "UNKNOWN" }, "title": "Remote CLI Command Execution Vulnerability in CodeIgniter4", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-24711", "STATE": "PUBLIC", "TITLE": "Remote CLI Command Execution Vulnerability in CodeIgniter4" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "CodeIgniter4", "version": { "version_data": [ { "version_value": "\u003c 4.1.9" } ] } } ] }, "vendor_name": "codeigniter4" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP request. Version 4.1.9 contains a patch. There are currently no known workarounds for this vulnerability." 
} ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.4, "baseSeverity": "CRITICAL", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20: Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-xjp4-6w75-qrj7", "refsource": "CONFIRM", "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-xjp4-6w75-qrj7" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/202f41ad522ba1d414b9d9c35aba1cb0c156b781", "refsource": "MISC", "url": "https://github.com/codeigniter4/CodeIgniter4/commit/202f41ad522ba1d414b9d9c35aba1cb0c156b781" } ] }, "source": { "advisory": "GHSA-xjp4-6w75-qrj7", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24711", "datePublished": "2022-02-28T15:45:11.000Z", "dateReserved": "2022-02-10T00:00:00.000Z", "dateUpdated": "2025-04-23T19:00:16.255Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-54418 (GCVE-0-2025-54418)
Vulnerability from cvelistv5
Published
2025-07-28 14:47
Modified
2025-07-28 17:19
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method, or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed, or provide malicious text content or options that get executed when adding text to images. Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options.
References
▼ | URL | Tags |
---|---|---|
https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c | x_refsource_CONFIRM | |
https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0 | x_refsource_MISC | |
https://cwe.mitre.org/data/definitions/78.html | x_refsource_MISC | |
https://owasp.org/www-community/attacks/Command_Injection | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
codeigniter4 | CodeIgniter4 |
Version: < 4.6.2 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-54418", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-07-28T17:19:03.230334Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-07-28T17:19:14.503Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "CodeIgniter4", "vendor": "codeigniter4", "versions": [ { "status": "affected", "version": "\u003c 4.6.2" } ] } ], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-28T14:47:20.887Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c" }, { "name": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0" }, { "name": "https://cwe.mitre.org/data/definitions/78.html", "tags": [ "x_refsource_MISC" ], "url": "https://cwe.mitre.org/data/definitions/78.html" }, { "name": "https://owasp.org/www-community/attacks/Command_Injection", "tags": [ "x_refsource_MISC" ], "url": "https://owasp.org/www-community/attacks/Command_Injection" } ], "source": { "advisory": "GHSA-9952-gv64-x94c", "discovery": "UNKNOWN" }, "title": "CodeIgniter4\u0027s ImageMagick Handler has Command Injection Vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2025-54418", "datePublished": "2025-07-28T14:47:20.887Z", "dateReserved": "2025-07-21T23:18:10.281Z", "dateUpdated": 
"2025-07-28T17:19:14.503Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-5725 (GCVE-0-2015-5725)
Vulnerability from cvelistv5
Published
2018-02-21 16:00
Modified
2024-08-06 06:59
CWE
- n/a
Summary
SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable.
References
▼ | URL | Tags |
---|---|---|
https://forum.codeigniter.com/thread-62743.html | x_refsource_CONFIRM | |
https://github.com/bcit-ci/CodeIgniter/issues/4020 | x_refsource_CONFIRM | |
https://www.codeigniter.com/userguide2/changelog.html | x_refsource_CONFIRM | |
https://github.com/bcit-ci/CodeIgniter/commit/0dde92def6b9f276f05ff77abb07ead318f9ec23 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:59:04.331Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://forum.codeigniter.com/thread-62743.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4020" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.codeigniter.com/userguide2/changelog.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/bcit-ci/CodeIgniter/commit/0dde92def6b9f276f05ff77abb07ead318f9ec23" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-08-20T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-02-21T15:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://forum.codeigniter.com/thread-62743.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4020" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.codeigniter.com/userguide2/changelog.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/bcit-ci/CodeIgniter/commit/0dde92def6b9f276f05ff77abb07ead318f9ec23" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-5725", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://forum.codeigniter.com/thread-62743.html", "refsource": "CONFIRM", "url": "https://forum.codeigniter.com/thread-62743.html" }, { "name": "https://github.com/bcit-ci/CodeIgniter/issues/4020", "refsource": "CONFIRM", "url": "https://github.com/bcit-ci/CodeIgniter/issues/4020" }, { "name": "https://www.codeigniter.com/userguide2/changelog.html", "refsource": "CONFIRM", "url": "https://www.codeigniter.com/userguide2/changelog.html" }, { "name": "https://github.com/bcit-ci/CodeIgniter/commit/0dde92def6b9f276f05ff77abb07ead318f9ec23", "refsource": "CONFIRM", "url": "https://github.com/bcit-ci/CodeIgniter/commit/0dde92def6b9f276f05ff77abb07ead318f9ec23" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-5725", "datePublished": "2018-02-21T16:00:00", "dateReserved": "2015-08-04T00:00:00", "dateUpdated": "2024-08-06T06:59:04.331Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2007-07-11 23:30
Modified
2025-04-09 00:30
Severity ?
Summary
Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 before 20070628, when enable_query_strings is true, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter. Exposure is conditional on the enable_query_strings setting: deployments with it left disabled are not reachable via this vector, and only 1.5.3 builds dated before 20070628 are affected.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | 1.5.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "7854CAB9-06E9-42AD-AD02-2D7717455D88", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 before 20070628, when enable_query_strings is true, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter." }, { "lang": "es", "value": "Vulnerabilidad de salto de directorio en index.php en CodeIgniter 1.5.3 anterior a 20070628, cuando enable_query_strings tiene el valor verdadero, permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de la secuencia .. (punto punto) en el par\u00e1metro c." } ], "id": "CVE-2007-3707", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-07-11T23:30:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "source": "cve@mitre.org", "url": "http://osvdb.org/37906" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/25991" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/2877" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "source": "cve@mitre.org", 
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35348" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/37906" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/2877" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35348" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-07-11 23:30
Modified
2025-04-09 00:30
Severity ?
Summary
CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in an unspecified parameter, as demonstrated by a Set-Cookie header. Any 1.5.3 application that passes attacker-influenced input to redirect() is therefore exposed to response-header splitting; NVD scores it as integrity-only (AV:N/AC:L/Au:N/C:N/I:P/A:N, 5.0).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | 1.5.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "7854CAB9-06E9-42AD-AD02-2D7717455D88", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in an unspecified parameter, as demonstrated by a Set-Cookie header." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n de retornos de carro y saltos de l\u00ednea el la funci\u00f3n redirecci\u00f3n en url_helper.php de CodeIgniter 1.5.3 permite a atacantes remotos inyectar cabeceras HTML de su elecci\u00f3n mediante secuencias CRLF en un par\u00e1metro no especificado, como se demuestra con una cabecera Set-Cookie." } ], "id": "CVE-2007-3709", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-07-11T23:30:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "source": "cve@mitre.org", "url": "http://osvdb.org/39370" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/2877" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/39370" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/2877" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-02-21 16:29
Modified
2024-11-21 02:33
Severity ?
Summary
SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable. NVD rates it 9.8 (CVSS v3.0) / 7.5 (v2) and maps it to CWE-89; the fixing commit 0dde92d and issue bcit-ci/CodeIgniter#4020 are in the references below.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "24118AAE-91D7-475D-ACCC-D58C62BBE4D5", "versionEndExcluding": "2.2.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en el m\u00e9todo offset en la clase Active Record en CodeIgniter, en versiones anteriores a la 2.2.4, permite que atacantes remotos ejecuten comandos SQL arbitrarios mediante vectores relacionados con la variable offset." } ], "id": "CVE-2015-5725", "lastModified": "2024-11-21T02:33:43.110", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": 
"2018-02-21T16:29:00.473", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://forum.codeigniter.com/thread-62743.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://github.com/bcit-ci/CodeIgniter/commit/0dde92def6b9f276f05ff77abb07ead318f9ec23" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4020" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.codeigniter.com/userguide2/changelog.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://forum.codeigniter.com/thread-62743.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/bcit-ci/CodeIgniter/commit/0dde92def6b9f276f05ff77abb07ead318f9ec23" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.codeigniter.com/userguide2/changelog.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2024-11-21 07:22
Severity ?
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability. The NVD record carries the `disputed` tag, the only exploit reference is a third-party GitHub README, and the vendor's discussion is in bcit-ci/CodeIgniter issue #6161 (both linked below); weigh the 9.8 CVSS score against that dispute before prioritising remediation.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability." }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php where_in()" } ], "id": "CVE-2022-40825", "lastModified": "2024-11-21T07:22:05.597", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-10-07T11:15:10.983", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "cve@mitre.org", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-01-12 06:59
Modified
2025-04-20 01:37
Severity ?
Summary
system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email->from field to insert sendmail command-line arguments. This is an argument-injection issue (NVD classifies it under CWE-74, Injection): the attacker-controlled from address reaches the sendmail command line. The fix is tracked in bcit-ci/CodeIgniter issue #4963 and pull request #4966 (tagged Patch below); the affected CPE range is 3.1.2 and earlier.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "866EFAA2-784D-490D-A298-02ACA79EFCD2", "versionEndIncluding": "3.1.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email-\u003efrom field to insert sendmail command-line arguments." }, { "lang": "es", "value": "system/libraries/Email.php en CodeIgniter en versiones anteriores 3.1.3 permite a atacantes remotos ejecutar c\u00f3digo arbitrario aprovechando el control sobre el campo email-\u003efrom para insertar argumentos de linea de comando sendmail." } ], "id": "CVE-2016-10131", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-01-12T06:59:00.187", 
"references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/96851" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4963" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://github.com/bcit-ci/CodeIgniter/pull/4966" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/96851" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4963" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/bcit-ci/CodeIgniter/pull/4966" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-74" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-02-28 16:15
Modified
2024-11-21 06:50
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L — security-advisories@github.com (secondary): rated as requiring a low-privileged user, with no confidentiality impact
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H — nvd@nist.gov (primary): rated as unauthenticated with full C/I/A impact
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request Forgery (CSRF) protection mechanism. Users should upgrade to version 4.1.9. There are workarounds for this vulnerability, but users must still apply these coding practices even after upgrading to v4.1.9; otherwise the CSRF protection may be bypassed. If auto-routing is enabled, check the request method in the controller method before processing. If auto-routing is disabled, either avoid using `$routes->add()` and instead use HTTP verbs in routes; or check the request method in the controller method before processing. Both workarounds amount to restricting each handler to the HTTP method(s) it expects; the linked advisory GHSA-4v37-24gm-h554 gives the details.
References
▼ | URL | Tags | |
---|---|---|---|
security-advisories@github.com | https://github.com/codeigniter4/CodeIgniter4/blob/7dc2ece32401ebde67122f7d2460efcaee7c352e/user_guide_src/source/changelogs/v4.1.9.rst | Release Notes, Third Party Advisory | |
security-advisories@github.com | https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-4v37-24gm-h554 | Mitigation, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/codeigniter4/CodeIgniter4/blob/7dc2ece32401ebde67122f7d2460efcaee7c352e/user_guide_src/source/changelogs/v4.1.9.rst | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-4v37-24gm-h554 | Mitigation, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "F38797FA-2441-451B-BAB6-EAA69B5DF818", "versionEndExcluding": "4.1.9", "versionStartIncluding": "4.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request Forgery (CSRF) protection mechanism. Users should upgrade to version 4.1.9. There are workarounds for this vulnerability, but users will still need to code as these after upgrading to v4.1.9. Otherwise, the CSRF protection may be bypassed. If auto-routing is enabled, check the request method in the controller method before processing. If auto-routing is disabled, either avoid using `$routes-\u003eadd()` and instead use HTTP verbs in routes; or check the request method in the controller method before processing." }, { "lang": "es", "value": "CodeIgniter4 es la rama 4.x de CodeIgniter, un framework web PHP full-stack. Una vulnerabilidad en versiones anteriores a 4.1.9 podr\u00eda permitir a atacantes remotos omitir el mecanismo de protecci\u00f3n contra ataques de tipo Cross-Site Request Forgery (CSRF) de CodeIgniter4. Los usuarios deber\u00edan actualizar a la versi\u00f3n 4.1.9. Se presentan medidas de mitigaci\u00f3n para esta vulnerabilidad, pero los usuarios deber\u00e1n seguir codificando como tales despu\u00e9s de actualizar a versi\u00f3n 4.1.9. De lo contrario, la protecci\u00f3n de tipo CSRF puede ser omitida. Si el enrutamiento autom\u00e1tico est\u00e1 habilitado, compruebe el m\u00e9todo de petici\u00f3n en el m\u00e9todo del controlador antes de procesarlo. 
Si el auto-enrutamiento est\u00e1 deshabilitado, evite usar \"$routes-)add()\" y en su lugar use verbos HTTP en las rutas; o compruebe el m\u00e9todo de petici\u00f3n en el m\u00e9todo del controlador antes de procesarlo." } ], "id": "CVE-2022-24712", "lastModified": "2024-11-21T06:50:55.820", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-02-28T16:15:08.027", "references": [ { "source": "security-advisories@github.com", "tags": [ "Release Notes", "Third Party Advisory" 
], "url": "https://github.com/codeigniter4/CodeIgniter4/blob/7dc2ece32401ebde67122f7d2460efcaee7c352e/user_guide_src/source/changelogs/v4.1.9.rst" }, { "source": "security-advisories@github.com", "tags": [ "Mitigation", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-4v37-24gm-h554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/blob/7dc2ece32401ebde67122f7d2460efcaee7c352e/user_guide_src/source/changelogs/v4.1.9.rst" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mitigation", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-4v37-24gm-h554" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2024-11-21 07:22
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability. The NVD record carries the `disputed` tag, the only exploit reference is a third-party GitHub README, and the vendor's discussion is in bcit-ci/CodeIgniter issue #6161 (both linked below); weigh the 9.8 CVSS score against that dispute before prioritising remediation.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability." }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php where_not_in()" } ], "id": "CVE-2022-40830", "lastModified": "2024-11-21T07:22:06.520", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2022-10-07T11:15:11.433", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "cve@mitre.org", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": 
"en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2007-07-11 23:30
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attackers to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag manipulations in an unspecified component, related to insufficient sanitization by the xss_clean function.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | 1.5.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "7854CAB9-06E9-42AD-AD02-2D7717455D88", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attackers to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag manipulations in an unspecified component, related to insufficient sanitization by the xss_clean function." }, { "lang": "es", "value": "Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en CodeIgniter 1.5.3 anterior a 20070626 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de (1) String.fromCharCode y (2) manipulaciones de etiquetas anidadas malformadas en un componente no especificado, relacionado con un insuficiente limpieza por parte de la funci\u00f3n xss_clean." 
} ], "id": "CVE-2007-3708", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-07-11T23:30:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "source": "cve@mitre.org", "url": "http://osvdb.org/37907" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/25991" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/2877" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35350" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/37907" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/2877" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35350" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", 
"weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2025-04-09 19:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php where() function. Note: Multiple third parties have disputed this as not a valid vulnerability." }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php where()" } ], "id": "CVE-2022-40827", "lastModified": "2025-04-09T19:15:44.507", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2022-10-07T11:15:11.173", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2022-12-22 19:15
Modified
2024-11-21 07:30
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E8EEE4F-3F8A-4CC9-9501-87DD6F0FF2B2", "versionEndExcluding": "4.2.11", "versionStartIncluding": "4.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie." }, { "lang": "es", "value": "CodeIgniter es un framework web PHP full-stack. Cuando una aplicaci\u00f3n utiliza (1) m\u00faltiples cookies de sesi\u00f3n (por ejemplo, una para p\u00e1ginas de usuario y otra para p\u00e1ginas de administraci\u00f3n) y (2) un controlador de sesi\u00f3n est\u00e1 configurado en `DatabaseHandler`, `MemcachedHandler` o `RedisHandler`, entonces, si un atacante obtiene una cookie de sesi\u00f3n (por ejemplo, una para p\u00e1ginas de usuario), es posible que pueda acceder a p\u00e1ginas que requieren otra cookie de sesi\u00f3n (por ejemplo, para p\u00e1ginas de administraci\u00f3n). Este problema ha sido solucionado; actualice a la versi\u00f3n 4.2.11 o posterior. Como soluci\u00f3n alternativa, utilice solo una cookie de sesi\u00f3n." 
} ], "id": "CVE-2022-46170", "lastModified": "2024-11-21T07:30:15.103", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-12-22T19:15:09.223", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": 
"en", "value": "CWE-287" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-02-28 16:15
Modified
2024-11-21 06:50
Severity ?
9.4 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP request. Version 4.1.9 contains a patch. There are currently no known workarounds for this vulnerability.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "F38797FA-2441-451B-BAB6-EAA69B5DF818", "versionEndExcluding": "4.1.9", "versionStartIncluding": "4.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP request. Version 4.1.9 contains a patch. There are currently no known workarounds for this vulnerability." }, { "lang": "es", "value": "CodeIgniter4 es la rama 4.x de CodeIgniter, un framework web PHP full-stack. En versiones anteriores a 4.1.9, una vulnerabilidad de comprobaci\u00f3n de entrada inapropiada permite a atacantes ejecutar rutas CLI por medio de una petici\u00f3n HTTP. La versi\u00f3n 4.1.9 contiene un parche. Actualmente no son conocidas medidas de mitigaci\u00f3n para esta vulnerabilidad." 
} ], "id": "CVE-2022-24711", "lastModified": "2024-11-21T06:50:55.693", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.4, "baseSeverity": "CRITICAL", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.5, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-02-28T16:15:07.970", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/202f41ad522ba1d414b9d9c35aba1cb0c156b781" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": 
"https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-xjp4-6w75-qrj7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/202f41ad522ba1d414b9d9c35aba1cb0c156b781" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-xjp4-6w75-qrj7" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-09-19 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging the use of standard string comparison operators to compare cryptographic hashes.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://seclists.org/fulldisclosure/2014/May/54 | Mailing List, Third Party Advisory | |
cve@mitre.org | https://github.com/kohana/core/pull/492 | Third Party Advisory | |
cve@mitre.org | https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2014/May/54 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/kohana/core/pull/492 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * | |
kohanaframework | kohana | 3.2.3 | |
kohanaframework | kohana | 3.3.0 | |
kohanaframework | kohana | 3.3.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8B5FE05-C0B7-4F4A-B959-89452F801CA2", "versionEndIncluding": "2.2.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:kohanaframework:kohana:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "17E340FE-7CC7-4275-9170-6B06F33F7A8D", "vulnerable": true }, { "criteria": "cpe:2.3:a:kohanaframework:kohana:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D691FEB7-52FD-4D87-B96E-29EBC7BB1A30", "vulnerable": true }, { "criteria": "cpe:2.3:a:kohanaframework:kohana:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "11116DC5-4351-493F-8E49-89E6AE5DCC43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators to compare cryptographic hashes." }, { "lang": "es", "value": "CodeIgniter antes de la versi\u00f3n 3.0 y Kohana 3.2.3 y anteriores y en versiones 3.3.x hasta la 3.3.2 facilita que los atacantes remotos suplanten cookies de sesi\u00f3n y lleven a cabo ataques de inyecci\u00f3n de objetos PHP. Esto se realizar\u00eda por medio de operadores est\u00e1ndar de comparaci\u00f3n de strings para comparar hashes criptogr\u00e1ficos." 
} ], "id": "CVE-2014-8684", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-09-19T19:29:00.203", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2014/May/54" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://github.com/kohana/core/pull/492" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": 
"http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2014/May/54" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/kohana/core/pull/492" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-310" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-05-30 04:15
Modified
2024-11-21 08:03
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when Validation Placeholders are used. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "94AEF6DC-6C48-4A0E-973E-7AD5B9EFB2A2", "versionEndExcluding": "4.3.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.\n" }, { "lang": "es", "value": "CodeIgniter es un framework web PHP full-stack. Esta vulnerabilidad permite a los atacantes ejecutar c\u00f3digo arbitrario cuando se utilizan \"Validation Placeholders\". La vulnerabilidad existe en la librer\u00eda \"Validation\" y los m\u00e9todos de validaci\u00f3n en el controlador y la validaci\u00f3n en el modelo son tambi\u00e9n vulnerables porque utilizan la librer\u00eda \"Validation\" internamente. Este problema se ha corregido en la versi\u00f3n 4.3.5. 
" } ], "id": "CVE-2023-32692", "lastModified": "2024-11-21T08:03:51.783", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-05-30T04:15:10.097", "references": [ { "source": "security-advisories@github.com", "tags": [ "Release Notes" ], "url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md" }, { "source": "security-advisories@github.com", "tags": [ "Mitigation", "Vendor Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mitigation", "Vendor Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": 
"security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2024-11-21 07:22
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_having() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_having() function. Note: Multiple third parties have disputed this as not a valid vulnerability." }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php or_having()" } ], "id": "CVE-2022-40826", "lastModified": "2024-11-21T07:22:05.740", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2022-10-07T11:15:11.083", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "cve@mitre.org", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": 
"en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2025-04-09 19:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability." }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php or_where_not_in()" } ], "id": "CVE-2022-40828", "lastModified": "2025-04-09T19:15:44.717", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2022-10-07T11:15:11.273", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "cve@mitre.org", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { 
"lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2024-11-21 07:22
Severity ?
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability" }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio del archivo system\\database\\DB_query_builder.php" } ], "id": "CVE-2022-40835", "lastModified": "2024-11-21T07:22:07.380", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-10-07T11:15:11.903", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "cve@mitre.org", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-03-29 16:15
Modified
2025-05-07 17:28
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
CodeIgniter is a PHP full-stack web framework. A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "270FB1E4-6E17-4EE9-981A-ED54AF580BFE", "versionEndExcluding": "4.4.7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later. \n" }, { "lang": "es", "value": "CodeIgniter es un framework web PHP de pila completa. Se encontr\u00f3 una vulnerabilidad en la clase de lenguaje que permit\u00eda ataques DoS. Un atacante puede aprovechar esta vulnerabilidad para consumir una gran cantidad de memoria en el servidor. Actualice a v4.4.7 o posterior." } ], "id": "CVE-2024-29904", "lastModified": "2025-05-07T17:28:25.530", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-03-29T16:15:08.593", 
"references": [ { "source": "security-advisories@github.com", "tags": [ "Patch" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0" }, { "source": "security-advisories@github.com", "tags": [ "Vendor Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-674" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2024-11-21 07:22
Severity ?
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability." }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php or_not_like()" } ], "id": "CVE-2022-40834", "lastModified": "2024-11-21T07:22:07.237", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-10-07T11:15:11.750", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "cve@mitre.org", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-11-17 04:29
Modified
2025-04-20 01:37
Severity ?
Summary
British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the set_status_header() common function under Apache, resulting in HTTP Header Injection flaws.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | 3.1.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "01E1E59D-BCC7-44AE-925C-E7A49CC074F5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the set_status_header() common function under Apache resulting in HTTP Header Injection flaws." }, { "lang": "es", "value": "British Columbia Institute of Technology CodeIgniter 3.1.3 es vulnerable a la inyecci\u00f3n de cabeceras HTTP en la funci\u00f3n com\u00fan set_status_header() en Apache, provocando errores de inyecci\u00f3n de cabeceras HTTP." } ], "id": "CVE-2017-1000247", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-11-17T04:29:00.547", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor 
Advisory" ], "url": "https://www.codeigniter.com/userguide3/changelog.html#version-3-1-4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.codeigniter.com/userguide3/changelog.html#version-3-1-4" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-03-23 15:15
Modified
2024-11-21 04:56
Severity ?
Summary
CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post reference shows an unknown website built with the CodeIgniter framework but that CodeIgniter is not responsible for introducing this issue because the framework has never provided a login screen, nor any kind of login or user management facilities beyond a Session library. Also, another reporter indicates the issue is with a custom module/plugin to CodeIgniter, not CodeIgniter itself.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4B558D8-2991-4D71-8E3E-A5166E4B4F78", "versionEndIncluding": "4.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the \"Select Role of the User\" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post reference shows an unknown website built with the CodeIgniter framework but that CodeIgniter is not responsible for introducing this issue because the framework has never provided a login screen, nor any kind of login or user management facilities beyond a Session library. Also, another reporter indicates the issue is with a custom module/plugin to CodeIgniter, not CodeIgniter itself." }, { "lang": "es", "value": "CodeIgniter hasta la versi\u00f3n 4.0.0 permite a los atacantes remotos obtener privilegios a trav\u00e9s de un ID de correo electr\u00f3nico modificado a la p\u00e1gina \"Seleccionar el rol del usuario\". NOTA: Un colaborador del framework CodeIgniter argumenta que el problema no debe ser atribuido a CodeIgniter. Adem\u00e1s, la referencia de la publicaci\u00f3n del blog muestra un sitio web desconocido construido con el framework CodeIgniter, pero que CodeIgniter no es responsable de la introducci\u00f3n de este problema porque el framework nunca ha proporcionado una pantalla de inicio de sesi\u00f3n, ni ning\u00fan tipo de inicio de sesi\u00f3n o facilidades de gesti\u00f3n de usuarios m\u00e1s all\u00e1 de una biblioteca de sesiones. 
Adem\u00e1s, otro reportero indica que el problema es con un m\u00f3dulo/plugin personalizado para CodeIgniter, no con el propio CodeIgniter" } ], "id": "CVE-2020-10793", "lastModified": "2024-11-21T04:56:05.160", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-03-23T15:15:14.720", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://codeigniter4.github.io/userguide/extending/authentication.html" }, { "source": "cve@mitre.org", "url": "https://medium.com/%40vbharad/account-takeover-via-modifying-email-id-codeigniter-framework-ca30741ad297" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://codeigniter4.github.io/userguide/extending/authentication.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://medium.com/%40vbharad/account-takeover-via-modifying-email-id-codeigniter-framework-ca30741ad297" } ], "sourceIdentifier": "cve@mitre.org", 
"vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-269" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-02-21 16:29
Modified
2024-11-21 01:56
Severity ?
Summary
The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/bcit-ci/CodeIgniter/issues/4020 | Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass/ | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.codeigniter.com/userguide2/changelog.html | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bcit-ci/CodeIgniter/issues/4020 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.codeigniter.com/userguide2/changelog.html | Release Notes |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "689AA837-9420-4B42-BB2A-6BC238C3FA46", "versionEndExcluding": "2.1.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag." }, { "lang": "es", "value": "La funci\u00f3n xss_clean en CodeIgniter, en versiones anteriores a la 2.1.4, podr\u00eda permitir que atacantes remotos omitan un mecanismo de protecci\u00f3n planeado y lleven a cabo ataques de Cross-Site Scripting (XSS) mediante unaetiqueta HTML no cerrada." } ], "id": "CVE-2013-4891", "lastModified": "2024-11-21T01:56:39.597", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-02-21T16:29:00.190", 
"references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4020" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass/" }, { "source": "cve@mitre.org", "tags": [ "Release Notes" ], "url": "https://www.codeigniter.com/userguide2/changelog.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/bcit-ci/CodeIgniter/issues/4020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://www.codeigniter.com/userguide2/changelog.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-01-04 20:15
Modified
2024-11-21 06:45
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
CodeIgniter is an open source PHP full-stack web framework. Deserialization of Untrusted Data was found in the `old()` function in CodeIgniter4. Remote attackers may inject auto-loadable arbitrary objects with this vulnerability, and possibly execute existing PHP code on the server. We are aware of a working exploit, which can lead to SQL injection. Users are advised to upgrade to v4.1.6 or later. Users unable to upgrade are advised not to use the `old()` function and form_helper, nor `RedirectResponse::withInput()` and `redirect()->withInput()`.
References
▼ | URL | Tags | |
---|---|---|---|
security-advisories@github.com | https://github.com/codeigniter4/CodeIgniter4/commit/ce95ed5765256e2f09f3513e7d42790e0d6948f5 | Patch, Third Party Advisory | |
security-advisories@github.com | https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-w6jr-wj64-mc9x | Mitigation, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/codeigniter4/CodeIgniter4/commit/ce95ed5765256e2f09f3513e7d42790e0d6948f5 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-w6jr-wj64-mc9x | Mitigation, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E18B755-8CBA-45C9-8759-5039BBAD4FC6", "versionEndExcluding": "4.1.6", "versionStartIncluding": "4.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter is an open source PHP full-stack web framework. Deserialization of Untrusted Data was found in the `old()` function in CodeIgniter4. Remote attackers may inject auto-loadable arbitrary objects with this vulnerability, and possibly execute existing PHP code on the server. We are aware of a working exploit, which can lead to SQL injection. Users are advised to upgrade to v4.1.6 or later. Users unable to upgrade as advised to not use the `old()` function and form_helper nor `RedirectResponse::withInput()` and `redirect()-\u003ewithInput()`." }, { "lang": "es", "value": "CodeIgniter es un framework web full-stack de PHP de c\u00f3digo abierto. Se encontr\u00f3 una deserializaci\u00f3n de datos no confiables en la funci\u00f3n \"old()\" en CodeIgniter4. Los atacantes remotos pueden inyectar objetos arbitrarios autocargables con esta vulnerabilidad, y posiblemente ejecutar c\u00f3digo PHP existente en el servidor. Tenemos conocimiento de una explotaci\u00f3n que funciona, que puede conllevar a una inyecci\u00f3n SQL. Se aconseja a usuarios que actualicen a la versi\u00f3n 4.1.6 o posterior. 
A los usuarios que no puedan actualizarse se les aconseja no usar la funci\u00f3n \"old()\" y form_helper ni \"RedirectResponse::withInput()\" y \"redirect()-\u0026gt;withInput()\"" } ], "id": "CVE-2022-21647", "lastModified": "2024-11-21T06:45:08.910", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 5.5, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-01-04T20:15:07.930", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": 
"https://github.com/codeigniter4/CodeIgniter4/commit/ce95ed5765256e2f09f3513e7d42790e0d6948f5" }, { "source": "security-advisories@github.com", "tags": [ "Mitigation", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-w6jr-wj64-mc9x" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/ce95ed5765256e2f09f3513e7d42790e0d6948f5" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mitigation", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-w6jr-wj64-mc9x" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-01-20 16:15
Modified
2025-08-01 19:17
Severity ?
Summary
CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper validation of header names and values. A potential attacker can construct deliberately malformed headers with the Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service’s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8.
References
Impacted products
Vendor | Product | Version |
---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "3196E89D-4361-48A2-8C3F-F0D0710308FD", "versionEndExcluding": "4.5.8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service\u2019s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8." }, { "lang": "es", "value": "CodeIgniter es una web PHP full-stack framework. Antes de la versi\u00f3n 4.5.8, CodeIgniter carec\u00eda de una validaci\u00f3n de encabezado adecuada para su nombre y valor. El atacante potencial puede construir encabezados malformados deliberadamente con la clase Header. Esto podr\u00eda interrumpir la funcionalidad de la aplicaci\u00f3n, lo que podr\u00eda causar errores o generar solicitudes HTTP no v\u00e1lidas. En algunos casos, estas solicitudes malformadas pueden conducir a un escenario de denegaci\u00f3n de servicio (DoS) si el firewall de la aplicaci\u00f3n web de un servicio remoto las interpreta como maliciosas y bloquea la comunicaci\u00f3n con la aplicaci\u00f3n. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 4.5.8." 
} ], "id": "CVE-2025-24013", "lastModified": "2025-08-01T19:17:42.790", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary" } ] }, "published": "2025-01-20T16:15:28.877", "references": [ { "source": "security-advisories@github.com", "tags": [ "Technical Description" ], "url": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2" }, { "source": "security-advisories@github.com", "tags": [ "Not Applicable" ], "url": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw" }, { "source": "security-advisories@github.com", "tags": [ "Patch" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6" }, { "source": "security-advisories@github.com", "tags": [ "Vendor Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-436" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-01-09 21:15
Modified
2024-11-21 01:38
Severity ?
Summary
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks.
References
Source | URL | Tags |
---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/54620 | Third Party Advisory, VDB Entry |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/54620 | Third Party Advisory, VDB Entry |
Impacted products
Vendor | Product | Version |
---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "D85D74F2-EB11-4888-BD21-48A0D49C8DA0", "versionEndExcluding": "2.1.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks." }, { "lang": "es", "value": "EllisLab CodeIgniter versi\u00f3n 2.1.2, permite a atacantes remotos omitir el Filtro xss_clean() y llevar a cabo ataques de tipo XSS." } ], "id": "CVE-2012-1915", "lastModified": "2024-11-21T01:38:02.390", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-01-09T21:15:10.903", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/54620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third 
Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/54620" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-10-15 19:15
Modified
2025-08-01 20:36
Severity ?
Summary
A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges.
References
Source | URL | Tags |
---|---|---|
cve@mitre.org | https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/264 | Exploit, Issue Tracking |
Impacted products
Vendor | Product | Version |
---|---|---|
codeigniter | codeigniter | 3.1.13 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "E4DDD594-2B3A-4C35-9C4F-122A942A15EE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges." }, { "lang": "es", "value": "Cross-Site Request Forgery (CSRF) en Codeigniter 3.1.13 permite a los atacantes cambiar arbitrariamente la contrase\u00f1a del administrador y aumentar los privilegios." } ], "id": "CVE-2024-41344", "lastModified": "2025-08-01T20:36:13.317", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2024-10-15T19:15:17.287", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking" ], "url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/264" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2007-07-11 23:30
Modified
2025-04-09 00:30
Severity ?
Summary
The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie.
References
Impacted products
Vendor | Product | Version |
---|---|---|
codeigniter | codeigniter | 1.5.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "7854CAB9-06E9-42AD-AD02-2D7717455D88", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie." }, { "lang": "es", "value": "La funci\u00f3n _sanitize_globals en CodeIgniter 1.5.3 anterior a 20070628 permite a atacantes remotos desasignar variables globales de su elecci\u00f3n con impacto desconocido, como se demostr\u00f3 con la cookie _SERVER." } ], "id": "CVE-2007-3706", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-07-11T23:30:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "source": "cve@mitre.org", "url": "http://osvdb.org/37905" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/25991" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/2877" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/37905" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/2877" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2024-11-21 07:22
Severity ?
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via the or_where_in() function in system\database\DB_query_builder.php. Note: multiple third parties have disputed this, stating that it is not a valid vulnerability.
References
Impacted products
Vendor | Product | Version |
---|---|---|
codeigniter | codeigniter | * |
codeigniter | codeigniter | 3.0 |
codeigniter | codeigniter | 3.0 |
codeigniter | codeigniter | 3.0 |
codeigniter | codeigniter | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability." }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php or_where_in()" } ], "id": "CVE-2022-40833", "lastModified": "2024-11-21T07:22:07.070", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-10-07T11:15:11.667", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "cve@mitre.org", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-09-23 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files.
References
Impacted products
Vendor | Product | Version |
---|---|---|
codeigniter | codeigniter | 1.7.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "D74AEBFC-25AF-4899-A75A-22ED3EE9061F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files." }, { "lang": "es", "value": "CodeIgniter v1.7.2 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de una petici\u00f3n directa a un archivo .php, lo que revela la ruta de instalaci\u00f3n en un mensaje de error, como se demostr\u00f3 con system/scaffolding/views/view.php y algunos otros archivos." } ], "id": "CVE-2011-3719", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2011-09-23T23:55:02.740", "references": [ { "source": "cve@mitre.org", "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/CodeIgniter_1.7.2" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/CodeIgniter_1.7.2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-09-19 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging the fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available.
References
Source | URL | Tags |
---|---|---|
cve@mitre.org | http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html | Third Party Advisory, VDB Entry |
cve@mitre.org | https://beyondbinary.io/articles/seagate-nas-rce/ | Exploit, Third Party Advisory |
cve@mitre.org | https://codeigniter.com/userguide2/changelog.html | Vendor Advisory |
cve@mitre.org | https://www.dionach.com/blog/codeigniter-session-decoding-vulnerability | Third Party Advisory |
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html | Third Party Advisory, VDB Entry |
af854a3a-2127-422b-91ae-364da2661108 | https://beyondbinary.io/articles/seagate-nas-rce/ | Exploit, Third Party Advisory |
af854a3a-2127-422b-91ae-364da2661108 | https://codeigniter.com/userguide2/changelog.html | Vendor Advisory |
af854a3a-2127-422b-91ae-364da2661108 | https://www.dionach.com/blog/codeigniter-session-decoding-vulnerability | Third Party Advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "3574FB96-8A45-4AAC-A946-EC1CD8DDCF8B", "versionEndIncluding": "2.1.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available." }, { "lang": "es", "value": "CodeIgniter en versiones anteriores a la 2.2.0 facilita que los atacantes descodifiquen cookies de sesi\u00f3n aprovechando un fallback a una combinaci\u00f3n de cifrado personalizada basada en XOR cuando la extensi\u00f3n Mcrypt para PHP no est\u00e1 disponible." } ], "id": "CVE-2014-8686", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-09-19T19:29:00.263", 
"references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://beyondbinary.io/articles/seagate-nas-rce/" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://codeigniter.com/userguide2/changelog.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.dionach.com/blog/codeigniter-session-decoding-vulnerability" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://beyondbinary.io/articles/seagate-nas-rce/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://codeigniter.com/userguide2/changelog.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.dionach.com/blog/codeigniter-session-decoding-vulnerability" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-310" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2024-11-21 07:22
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via the or_where() function in system\database\DB_query_builder.php. Note: multiple third parties have disputed this, stating that it is not a valid vulnerability.
References
Impacted products
Vendor | Product | Version |
---|---|---|
codeigniter | codeigniter | * |
codeigniter | codeigniter | 3.0 |
codeigniter | codeigniter | 3.0 |
codeigniter | codeigniter | 3.0 |
codeigniter | codeigniter | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_where() function. Note: Multiple third parties have disputed this as not a valid vulnerability." }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php or_where()" } ], "id": "CVE-2022-40824", "lastModified": "2024-11-21T07:22:05.360", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2022-10-07T11:15:10.797", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "cve@mitre.org", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", 
"value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2018-06-17 20:29
Modified
2025-06-09 06:15
Severity ?
Summary
A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled.
References
Source | URL | Tags |
---|---|---|
cve@mitre.org | https://github.com/bcit-ci/CodeIgniter/commit/800a20d6c4662d99ae0988b2f8f2238bb8bb29db | |
cve@mitre.org | https://www.codeigniter.com/user_guide/changelog.html | Release Notes, Vendor Advisory |
af854a3a-2127-422b-91ae-364da2661108 | https://www.codeigniter.com/user_guide/changelog.html | Release Notes, Vendor Advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "C7D3984A-385A-4D88-875B-6AC3853F59F8", "versionEndExcluding": "3.1.9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled." }, { "lang": "es", "value": "Existe un problema de fijaci\u00f3n de sesi\u00f3n en CodeIgniter en versiones anteriores a la 3.1.9 debido a que session.use_strict_mode se gestion\u00f3 de manera incorrecta en Session Library." } ], "id": "CVE-2018-12071", "lastModified": "2025-06-09T06:15:22.303", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-06-17T20:29:00.540", "references": [ { "source": "cve@mitre.org", "url": 
"https://github.com/bcit-ci/CodeIgniter/commit/800a20d6c4662d99ae0988b2f8f2238bb8bb29db" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.codeigniter.com/user_guide/changelog.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.codeigniter.com/user_guide/changelog.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-384" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-01-24 20:15
Modified
2024-11-21 06:45
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A cross-site scripting (XSS) vulnerability was found in `API\ResponseTrait` in Codeigniter4 prior to version 4.1.8. Attackers can perform XSS attacks if a potential victim is using `API\ResponseTrait`. Version 4.1.8 contains a patch for this vulnerability. There are two potential workarounds available. Users may avoid using `API\ResponseTrait` or `ResourceController`. Users may also disable Auto Route and use defined routes only.
References
Source | URL | Tags |
---|---|---|
security-advisories@github.com | https://codeigniter4.github.io/userguide/incoming/routing.html#use-defined-routes-only | Mitigation, Vendor Advisory |
security-advisories@github.com | https://github.com/codeigniter4/CodeIgniter4/commit/70d881cf5322b7c32e69516aebd2273ac6a1e8dd | Patch, Third Party Advisory |
security-advisories@github.com | https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-7528-7jg5-6g62 | Mitigation, Third Party Advisory |
af854a3a-2127-422b-91ae-364da2661108 | https://codeigniter4.github.io/userguide/incoming/routing.html#use-defined-routes-only | Mitigation, Vendor Advisory |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/codeigniter4/CodeIgniter4/commit/70d881cf5322b7c32e69516aebd2273ac6a1e8dd | Patch, Third Party Advisory |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-7528-7jg5-6g62 | Mitigation, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1C63CF8-7611-44C2-A2A4-18FD834638A1", "versionEndExcluding": "4.1.8", "versionStartIncluding": "4.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A cross-site scripting (XSS) vulnerability was found in `API\\ResponseTrait` in Codeigniter4 prior to version 4.1.8. Attackers can do XSS attacks if a potential victim is using `API\\ResponseTrait`. Version 4.1.8 contains a patch for this vulnerability. There are two potential workarounds available. Users may avoid using `API\\ResponseTrait` or `ResourceController` Users may also disable Auto Route and use defined routes only." }, { "lang": "es", "value": "CodeIgniter4 es la rama versi\u00f3n 4.x de CodeIgniter, un framework web PHP full-stack. Se ha encontrado una vulnerabilidad de tipo cross-site scripting (XSS) en \"API\\ResponseTrait\" en Codeigniter4 versiones anteriores a 4.1.8. Los atacantes pueden realizar ataques de tipo XSS si una v\u00edctima potencial est\u00e1 usando \"API\\ResponseTrait\". La versi\u00f3n 4.1.8, contiene un parche para esta vulnerabilidad. Se presentan dos posibles soluciones disponibles. 
Los usuarios pueden evitar el uso de \"APIResponseTrait\" o \"ResourceController\" Los usuarios tambi\u00e9n pueden deshabilitar la Ruta Autom\u00e1tica y usar s\u00f3lo las rutas definidas" } ], "id": "CVE-2022-21715", "lastModified": "2024-11-21T06:45:17.603", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-01-24T20:15:08.713", "references": [ { "source": "security-advisories@github.com", "tags": [ "Mitigation", "Vendor Advisory" ], "url": 
"https://codeigniter4.github.io/userguide/incoming/routing.html#use-defined-routes-only" }, { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/70d881cf5322b7c32e69516aebd2273ac6a1e8dd" }, { "source": "security-advisories@github.com", "tags": [ "Mitigation", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-7528-7jg5-6g62" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mitigation", "Vendor Advisory" ], "url": "https://codeigniter4.github.io/userguide/incoming/routing.html#use-defined-routes-only" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/70d881cf5322b7c32e69516aebd2273ac6a1e8dd" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mitigation", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-7528-7jg5-6g62" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2024-11-21 07:22
Severity ?
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php having() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php having() function. Note: Multiple third parties have disputed this as not a valid vulnerability." }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php having()" } ], "id": "CVE-2022-40832", "lastModified": "2024-11-21T07:22:06.910", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-10-07T11:15:11.593", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "cve@mitre.org", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-08-12 21:15
Modified
2024-11-21 07:12
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Shield is an authentication and authorization framework for CodeIgniter 4. This vulnerability may allow [SameSite Attackers](https://canitakeyoursubdomain.name/) to bypass the [CodeIgniter4 CSRF protection](https://codeigniter4.github.io/userguide/libraries/security.html) mechanism with CodeIgniter Shield. For this attack to succeed, the attacker must have direct (or indirect, e.g., XSS) control over a subdomain site (e.g., `https://a.example.com/`) of the target site (e.g., `http://example.com/`). Upgrade to **CodeIgniter v4.2.3 or later** and **Shield v1.0.0-beta.2 or later**. As a workaround: set `Config\Security::$csrfProtection` to `'session'`, remove old session data right after login (immediately after ID and password match), and regenerate the CSRF token right after login (immediately after ID and password match).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * | |
codeigniter | shield | 1.0.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBF0023B-014D-4BB0-A3C9-9A73D58C0C15", "versionEndExcluding": "4.2.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:shield:1.0.0:beta:*:*:*:*:*:*", "matchCriteriaId": "B1E3F1E0-C2D7-4EC5-AD04-AEB414A3D71C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Shield is an authentication and authorization framework for CodeIgniter 4. This vulnerability may allow [SameSite Attackers](https://canitakeyoursubdomain.name/) to bypass the [CodeIgniter4 CSRF protection](https://codeigniter4.github.io/userguide/libraries/security.html) mechanism with CodeIgniter Shield. For this attack to succeed, the attacker must have direct (or indirect, e.g., XSS) control over a subdomain site (e.g., `https://a.example.com/`) of the target site (e.g., `http://example.com/`). Upgrade to **CodeIgniter v4.2.3 or later** and **Shield v1.0.0-beta.2 or later**. As a workaround: set `Config\\Security::$csrfProtection` to `\u0027session,\u0027`remove old session data right after login (immediately after ID and password match) and regenerate CSRF token right after login (immediately after ID and password match)" }, { "lang": "es", "value": "Shield es un marco de autenticaci\u00f3n y autorizaci\u00f3n para CodeIgniter 4. Esta vulnerabilidad puede permitir a [Atacantes del Mismo Sitio](https://canitakeyoursubdomain.name/) omitir el mecanismo de [protecci\u00f3n CSRF de CodeIgniter4](https://codeigniter4.github.io/userguide/libraries/security.html) con CodeIgniter Shield. Para que este ataque tenga \u00e9xito, el atacante debe tener control directo (o indirecto, por ejemplo, de tipo XSS) sobre un sitio subdominio (por ejemplo, \"https://a.example.com/\") del sitio objetivo (por ejemplo, \"http://example.com/\"). 
Actualice a **CodeIgniter versiones v4.2.3 o posteriores** y **Shield versiones v1.0.0-beta.2 o posteriores**. Como mitigaci\u00f3n: establezca \"Config\\Security::$csrfProtection\" como \"\"sesi\u00f3n,\"\"elimine los datos de la sesi\u00f3n antigua justo despu\u00e9s del inicio de sesi\u00f3n (inmediatamente despu\u00e9s de que el ID y la contrase\u00f1a coincidan) y regenere el token CSRF justo despu\u00e9s del inicio de sesi\u00f3n (inmediatamente despu\u00e9s de que el ID y la contrase\u00f1a coincidan)" } ], "id": "CVE-2022-35943", "lastModified": "2024-11-21T07:12:01.093", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L", "version": "3.1" }, "exploitabilityScore": 1.6, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-08-12T21:15:07.803", "references": [ { "source": "security-advisories@github.com", "tags": [ "Broken Link" ], "url": "https://codeigniter4.github.io/userguide/libraries/security.htm" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite" }, { "source": "security-advisories@github.com", 
"tags": [ "Exploit", "Mitigation", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-5hm8-vh6r-2cjq" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://jub0bs.com/posts/2021-01-29-great-samesite-confusion" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://codeigniter4.github.io/userguide/libraries/security.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mitigation", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-5hm8-vh6r-2cjq" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://jub0bs.com/posts/2021-01-29-great-samesite-confusion" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-12-22 19:15
Modified
2024-11-21 06:48
Severity ?
7.0 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\App::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`.
References
▼ | URL | Tags | |
---|---|---|---|
security-advisories@github.com | https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659 | Patch, Third Party Advisory | |
security-advisories@github.com | https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E8EEE4F-3F8A-4CC9-9501-87DD6F0FF2B2", "versionEndExcluding": "4.2.11", "versionStartIncluding": "4.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\\App::$proxyIPs`. As a workaround, do not use `$request-\u003egetIPAddress()`.\n" }, { "lang": "es", "value": "CodeIgniter es un framework web PHP de full-stack. Esta vulnerabilidad puede permitir a los atacantes falsificar su direcci\u00f3n IP cuando el servidor est\u00e1 detr\u00e1s de un proxy inverso. Este problema ha sido solucionado, actualice a la versi\u00f3n 4.2.11 o posterior y configure `Config\\App::$proxyIPs`. Como soluci\u00f3n alternativa, no utilice `$request-\u0026gt;getIPAddress()`." 
} ], "id": "CVE-2022-23556", "lastModified": "2024-11-21T06:48:48.380", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-12-22T19:15:09.090", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { 
"description": [ { "lang": "en", "value": "CWE-345" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-06 20:15
Modified
2024-11-21 07:17
Severity ?
2.6 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
CodeIgniter is a PHP full-stack web framework. In versions prior to 4.2.7, setting `$secure` or `$httponly` to `true` in `Config\Cookie` is not reflected in `set_cookie()` or `Response::setCookie()`. As a result, cookies set through those APIs lack the configured Secure and HttpOnly attributes, and cookie values are erroneously exposed to client-side scripts. It should be noted that this vulnerability does not affect session cookies. Users are advised to upgrade to v4.2.7 or later. Users unable to upgrade are advised to manually construct their cookies, either by setting the options explicitly in code or by constructing Cookie objects. Examples of each workaround are available in the linked GHSA.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "C7EE7A28-9975-47B3-A807-671053ECB33A", "versionEndExcluding": "4.2.7", "versionStartIncluding": "4.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. In versions prior to 4.2.7 setting `$secure` or `$httponly` value to `true` in `Config\\Cookie` is not reflected in `set_cookie()` or `Response::setCookie()`. As a result cookie values are erroneously exposed to scripts. It should be noted that this vulnerability does not affect session cookies. Users are advised to upgrade to v4.2.7 or later. Users unable to upgrade are advised to manually construct their cookies either by setting the options in code or by constructing Cookie objects. Examples of each workaround are available in the linked GHSA." }, { "lang": "es", "value": "CodeIgniter es un framework web PHP full-stack. En versiones anteriores a 4.2.7 el valor \"$secure\" o \"$httponly\" de \"true\" en \"Config\\Cookie\" no es reflejado en \"set_cookie()\" o \"Response::setCookie()\". Como resultado, los valores de las cookies son expuestas err\u00f3neamente a los scripts. Cabe destacar que esta vulnerabilidad no afecta a las cookies de sesi\u00f3n. Es recomendado a usuarios actualizar a versi\u00f3n 4.2.7 o posterior. A usuarios que no puedan actualizarse les es aconsejado que construyan manualmente sus cookies, ya sea al establecer las opciones en el c\u00f3digo o construyendo objetos Cookie. 
Ejemplos de cada mitigaci\u00f3n est\u00e1n disponibles en el enlace GHSA" } ], "id": "CVE-2022-39284", "lastModified": "2024-11-21T07:17:57.370", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-10-06T20:15:35.560", "references": [ { "source": "security-advisories@github.com", "tags": [ "Technical Description", "Third Party Advisory" ], "url": "https://codeigniter4.github.io/userguide/helpers/cookie_helper.html#set_cookie" }, { "source": "security-advisories@github.com", "tags": [ "Technical Description", "Third Party Advisory" ], "url": "https://codeigniter4.github.io/userguide/outgoing/response.html#CodeIgniter%5CHTTP%5CResponse::setCookie" }, { "source": "security-advisories@github.com", "tags": [ "Technical Description", "Third Party Advisory" ], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/issues/6540" }, { "source": 
"security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/pull/6544" }, { "source": "security-advisories@github.com", "tags": [ "Mitigation", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-745p-r637-7vvp" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Technical Description", "Third Party Advisory" ], "url": "https://codeigniter4.github.io/userguide/helpers/cookie_helper.html#set_cookie" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Technical Description", "Third Party Advisory" ], "url": "https://codeigniter4.github.io/userguide/outgoing/response.html#CodeIgniter%5CHTTP%5CResponse::setCookie" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Technical Description", "Third Party Advisory" ], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/issues/6540" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/pull/6544" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mitigation", "Third Party Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-745p-r637-7vvp" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-665" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-732" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2024-11-21 07:22
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codeigniter | codeigniter | * | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 | |
codeigniter | codeigniter | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability." }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php or_like()" } ], "id": "CVE-2022-40829", "lastModified": "2024-11-21T07:22:06.280", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2022-10-07T11:15:11.347", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "cve@mitre.org", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", 
"value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2025-07-28 15:15
Modified
2025-08-05 15:46
Severity ?
Summary
CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method, or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed, or provide malicious text content or options that get executed when adding text to images. Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either attack vector. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to allow only safe characters and validate/restrict text options.
References
Impacted products
Vendor | Product | Version
---|---|---
codeigniter | codeigniter | * (4.0.0 ≤ version < 4.6.2, per the CPE configuration below)
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "0646754C-2BA8-40F6-8838-5491EF4FDAA4", "versionEndExcluding": "4.6.2", "versionStartIncluding": "4.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options." }, { "lang": "es", "value": "CodeIgniter es un framework web PHP full-stack. 
Una vulnerabilidad de inyecci\u00f3n de comandos presente en versiones anteriores a la 4.6.2 afecta a las aplicaciones que usan el manejador ImageMagick para el procesamiento de im\u00e1genes (`imagick` como librer\u00eda de im\u00e1genes) y que permiten la carga de archivos con nombres controlados por el usuario y procesan las im\u00e1genes cargadas usando el m\u00e9todo `resize()` o usan el m\u00e9todo `text()` con contenido de texto u opciones controlados por el usuario. Un atacante puede cargar un archivo con un nombre malicioso que contenga metacaracteres de shell que se ejecuten cuando se procese la imagen o proporcionar contenido de texto malicioso u opciones que se ejecuten al agregar texto a las im\u00e1genes. Los usuarios deben actualizar a la v4.6.2 o posterior para recibir un parche. Como soluci\u00f3n alternativa, cambie al manejador de im\u00e1genes GD (`gd`, el manejador predeterminado), que no se ve afectado por ninguna de las vulnerabilidades. Para la carga de archivos, en lugar de usar nombres de archivo proporcionados por el usuario, genere nombres aleatorios para eliminar el vector de ataque con `getRandomName()` al usar el m\u00e9todo `move()`, o use el m\u00e9todo `store()`, que genera autom\u00e1ticamente nombres de archivo seguros. Para operaciones de texto, si es necesario usar ImageMagick con texto controlado por el usuario, depure la entrada para permitir solo caracteres seguros y valide/restringa las opciones de texto." 
} ], "id": "CVE-2025-54418", "lastModified": "2025-08-05T15:46:02.750", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" } ] }, "published": "2025-07-28T15:15:26.957", "references": [ { "source": "security-advisories@github.com", "tags": [ "Not Applicable" ], "url": "https://cwe.mitre.org/data/definitions/78.html" }, { "source": "security-advisories@github.com", "tags": [ "Patch" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0" }, { "source": "security-advisories@github.com", "tags": [ "Vendor Advisory", "Mitigation" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c" }, { "source": "security-advisories@github.com", "tags": [ "Not Applicable" ], "url": "https://owasp.org/www-community/attacks/Command_Injection" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-07 11:15
Modified
2024-11-21 07:22
Severity ?
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via the `like()` function in system\database\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability. Reviewer note: NVD carries the `disputed` tag on this entry (see `cveTags` below), so the 9.8 CVSS score should be weighed against that dispute and against the discussion in bcit-ci/CodeIgniter issue 6161 listed under References. This is one of several near-identical 2022 entries filed against the same file, each naming a different Query Builder method (e.g. CVE-2022-40829 for `or_like()` above); treat them as a single claim when triaging.
References
Impacted products
Vendor | Product | Version
---|---|---
codeigniter | codeigniter | * (3.0 ≤ version ≤ 3.1.13, per the CPE configuration below)
codeigniter | codeigniter | 3.0
codeigniter | codeigniter | 3.0 rc
codeigniter | codeigniter | 3.0 rc2
codeigniter | codeigniter | 3.0 rc3
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA", "versionEndIncluding": "3.1.13", "versionStartIncluding": "3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*", "matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383", "vulnerable": true }, { "criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php like() function. Note: Multiple third parties have disputed this as not a valid vulnerability." }, { "lang": "es", "value": "B.C. 
Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n like() de system\\database\\DB_query_builder.php" } ], "id": "CVE-2022-40831", "lastModified": "2024-11-21T07:22:06.747", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-10-07T11:15:11.507", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "cve@mitre.org", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bcit-ci/CodeIgniter/issues/6161" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-10-31 16:15
Modified
2024-11-21 08:28
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (identical vector from security-advisories@github.com and nvd@nist.gov; see `metrics` below)
Summary
CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even in the production environment. As a result, confidential information may be leaked (CWE-209). Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`. Reviewer note: the workaround lives in the production boot file, so confirm the deployment actually boots with that configuration and, after applying it, trigger a deliberate error to verify that no stack trace or configuration detail is rendered. The NVD configuration below has no lower version bound — every release before 4.4.3 is treated as affected.
References
Impacted products
Vendor | Product | Version
---|---|---
codeigniter | codeigniter | * (version < 4.4.3, no lower bound in the CPE configuration below)
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*", "matchCriteriaId": "04B25A7E-3363-492A-A24A-B7D0087E9DAA", "versionEndExcluding": "4.4.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set(\u0027display_errors\u0027, \u00270\u0027)` with `ini_set(\u0027display_errors\u0027, \u0027Off\u0027)` in `app/Config/Boot/production.php`." }, { "lang": "es", "value": "CodeIgniter es un framework web PHP de pila completa. Antes de CodeIgniter4 versi\u00f3n 4.4.3, si se produc\u00eda un error o una excepci\u00f3n, se mostraba un informe de error detallado incluso en el entorno de producci\u00f3n. Como resultado, se puede filtrar informaci\u00f3n confidencial. La versi\u00f3n 4.4.3 contiene un parche. Como workaround, reemplace `ini_set(\u0027display_errors\u0027, \u00270\u0027)` con `ini_set(\u0027display_errors\u0027, \u0027Off\u0027)` en `app/Config/Boot/production.php`." 
} ], "id": "CVE-2023-46240", "lastModified": "2024-11-21T08:28:08.787", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-10-31T16:15:09.617", "references": [ { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting" }, { "source": "security-advisories@github.com", "tags": [ "Patch" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563" }, { "source": "security-advisories@github.com", "tags": [ "Vendor Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-209" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }