Vulnerabilities > Codeigniter

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-06	CVE-2022-39284	Incorrect Permission Assignment for Critical Resource vulnerability in Codeigniter CodeIgniter is a PHP full-stack web framework. network low complexity codeigniter CWE-732	4.3
2022-08-12	CVE-2022-35943	Unspecified vulnerability in Codeigniter Shield is an authentication and authorization framework for CodeIgniter 4. network low complexity codeigniter	8.8
2022-02-28	CVE-2022-24711	Improper Input Validation vulnerability in Codeigniter CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. network low complexity codeigniter CWE-20 critical	9.8
2022-02-28	CVE-2022-24712	Unspecified vulnerability in Codeigniter CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. network low complexity codeigniter	8.8
2022-01-24	CVE-2022-21715	Cross-site Scripting vulnerability in Codeigniter CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. network low complexity codeigniter CWE-79	6.1
2022-01-04	CVE-2022-21647	Deserialization of Untrusted Data vulnerability in Codeigniter CodeIgniter is an open source PHP full-stack web framework. network low complexity codeigniter CWE-502 critical	9.8
2020-03-23	CVE-2020-10793	Improper Privilege Management vulnerability in Codeigniter CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. network low complexity codeigniter CWE-269	8.8
2020-01-09	CVE-2012-1915	Cross-site Scripting vulnerability in Codeigniter EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks. network low complexity codeigniter CWE-79	6.1
2018-06-17	CVE-2018-12071	Session Fixation vulnerability in Codeigniter A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled. network low complexity codeigniter CWE-384 critical	9.8
2018-02-21	CVE-2015-5725	SQL Injection vulnerability in Codeigniter SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable. network low complexity codeigniter CWE-89 critical	9.8

Vulnerabilities > Codeigniter {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Codeigniter"}]}

Vulnerabilities > Codeigniter