995 matches found
CVE-2022-40827
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php where function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-40835
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-40830
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php wherenotin function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-40828
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php orwherenotin function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-40833
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php orwherein function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-40831
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php like function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-40832
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php having function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-40824
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php orwhere function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-39284
CodeIgniter is a PHP full-stack web framework. In versions prior to 4.2.7 setting $secure or $httponly value to true in Config\Cookie is not reflected in setcookie or Response::setCookie. As a result cookie values are erroneously exposed to scripts. It should be noted that this vulnerability does...
CVE-2022-35213
Ecommerce-CodeIgniter-Bootstrap before commit 56465f was discovered to contain a cross-site scripting XSS vulnerability via the function baseurl at /blog/blogpublish.php...
CVE-2020-25091
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/vendor/views/addproduct.php...
CVE-2020-25093
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in blog.php. within application/views/templates/clothesshop, application/views/templates/onepage, and application/views/templates/redlabel...
CVE-2020-25086
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advancedsettings/adminUsers.php...
CVE-2020-25092
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in parts/header.php, within application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel...
CVE-2020-25090
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/publish.php...
CVE-2020-25089
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/discounts.php...
CVE-2020-25088
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php...
CVE-2020-25087
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advancedsettings/languages.php...
CVE-2017-1000247
British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the setstatusheader common function under Apache resulting in HTTP Header Injection flaws...
CVE-2011-3719
CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files...