Vulnerabilities > Codeigniter > Codeigniter > 3.0.0

DATE CVE VULNERABILITY TITLE RISK
2022-10-07 CVE-2022-40832 SQL Injection vulnerability in Codeigniter
B.C.
network
low complexity
codeigniter CWE-89
critical
 9.8
9.8
2022-10-07 CVE-2022-40833 SQL Injection vulnerability in Codeigniter
B.C.
network
low complexity
codeigniter CWE-89
critical
 9.8
9.8
2022-10-07 CVE-2022-40834 SQL Injection vulnerability in Codeigniter
B.C.
network
low complexity
codeigniter CWE-89
critical
 9.8
9.8
2022-10-07 CVE-2022-40835 SQL Injection vulnerability in Codeigniter
B.C.
network
low complexity
codeigniter CWE-89
critical
 9.8
9.8
2020-03-23 CVE-2020-10793 Improper Privilege Management vulnerability in Codeigniter
CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page.
network
low complexity
codeigniter CWE-269
8.8
8.8
2018-06-17 CVE-2018-12071 Session Fixation vulnerability in Codeigniter
A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled.
network
low complexity
codeigniter CWE-384
7.5
7.5
2017-01-12 CVE-2016-10131 Injection vulnerability in Codeigniter
system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email->from field to insert sendmail command-line arguments.
network
low complexity
codeigniter CWE-74
7.5
7.5