CRITICAL 9.8 CVE-2022-40824 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where() functi…
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 CVE-2022-40825 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_in() functi…
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_having() funct…
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where() function.
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_not_in()…
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_like() functio…
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() fu…
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php like() function.
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php having() function.
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_in() fun…
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() fun…
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php.
>= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
CRITICAL 9.8 Remote Code Execution Vulnerability in Validation Placeholders in CodeIgniter4
from 0, < 4.3.5
CRITICAL 9.4 Remote CLI Command Execution Vulnerability in CodeIgniter4
>= 4.0.0, < 4.1.9
HIGH 8.8 CodeIgniter Improper Privilege Management
from 0, < 4.0.0
HIGH 8.6 CodeIgniter4 Potential Session Handlers Vulnerability
>= 4.0.0, < 4.2.11
HIGH 7.7 Deserialization of Untrusted Data in Codeigniter4
>= 4.0.0, < 4.1.6
HIGH 7.5 CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment
from 0, < 4.4.3
HIGH 7.0 CodeIgniter4 allows spoofing of IP address when using proxy
>= 4.0.0, < 4.2.11
MEDIUM 6.3 Cross-Site Request Forgery (CSRF) Protection Bypass Vulnerability in CodeIgniter4
>= 4.0.0, < 4.1.9
MEDIUM 5.9 CodeIgniter Shield Vulnerable to SameSite Attackers Bypassing the CSRF Protection
from 0, < 4.2.3
MEDIUM 5.4 Cross-site Scripting Vulnerability in CodeIgniter4
>= 4.0.0, < 4.1.8
LOW 2.6 Codeigniter4's Secure or HttpOnly flag set in Config\Cookie is not reflected in Cookies issued
>= 4.0.0, < 4.2.7