995 matches found
ASIS 3.2.0 SQL Injection
Title: ASIS | Aplikasi Sistem Sekolah using CodeIgniter 3 - SQL Injection Authentication Bypass | Author: checkgue | Tested on: Windows 10 Home /...
CVE-2024-45622
ASIS aka Aplikasi Sistem Sekolah using CodeIgniter 3 3.0.0 through 3.2.0 allows index.php username SQL injection for Authentication Bypass...
PT-2024-31712 · Unknown +1 · Codeigniter 3 +1
Name of the Vulnerable Software and Affected Versions: ASIS aka Aplikasi Sistem Sekolah using CodeIgniter 3 versions 3.0.0 through 3.2.0 Description: The issue allows attackers to inject SQL through the "index.php" file, which can be exploited to bypass authentication. This is achieved by injecti...
ASIS security vulnerability
ASIS Aplikasi Sistem Sekolah using CodeIgniter is a school system application with the Codeigniter framework by the individual developer Mahmud siregar. A security vulnerability exists in ASIS versions 3.0.0 through 3.2.0 that stems from allowing a user to bypass authentication...
CVE-2024-45622
ASIS (Aplikasi Sistem Sekolah) built on CodeIgniter 3 versions 3.0.0–3.2.0 is affected by a SQL injection in the index.php handling of the username parameter, enabling an authentication bypass. The issue arises from improper handling of user input leading to unauthenticated access (CWE-89). The C...
Mini Inventory and Sales Management System security vulnerability
Mini Inventory and Sales Management System is a small inventory and sales management system written in PHP CodeIgniter framework that supports MySQL and Sqlite3 databases. A security vulnerability exists in Mini Inventory and Sales Management System. An attacker can exploit this vulnerability to...
CVE-2024-6526
A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument search_title/catName/sub/name/categorie leads to cross site scripting. It is possib...
CVE-2024-6526
CVE-2024-6526 affects CodeIgniter Ecommerce-CodeIgniter-Bootstrap. The vulnerability arises from manipulation of the arguments search_title, catName, sub, name, and categorie, which leads to cross-site scripting (XSS). It can be exploited remotely, and public exploits/PoC have been disclosed. A ...
CVE-2024-6526 CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting
A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument search_title/catName/sub/name/categorie leads to cross site scripting. It is possib...
PT-2024-37690 · Unknown · Codeigniter
Name of the Vulnerable Software and Affected Versions: CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03 Description: A problematic vulnerability has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap. The manipulation of the argument search...
SQL Injection
codeigniter/framework is vulnerable to SQL injection. The vulnerability is due to inadequate input validation within the CodeIgniter ODBC database driver, which allows attackers to inject and execute malicious SQL queries...
Cross Site Scripting (XSS)
codeIgniter/Framework is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to inadequate sanitization in the xss_clean method within security.php, which allows an attacker to bypass the intended protection and execute arbitrary JavaScript code in the browser...
GHSA-27QR-636M-WXG2 codeigniter/framework SQL injection in ODBC database driver
CodeIgniter 3.1.0 addressed a critical security issue within the ODBC database driver. This update includes crucial fixes to mitigate a SQL injection vulnerability, preventing potential exploitation by attackers. It is noteworthy that these fixes render the query builder and escape functions...
GHSA-Q9J3-4GHJ-6H57 Inadequate XSS Prevention in CodeIgniter/Framework Security Library
The xss_clean method in the Security Library of CodeIgniter/Framework, specifically in versions before 3.0.3, exhibited a vulnerability that allowed certain Cross-Site Scripting (XSS) vectors to bypass its intended protection mechanisms. The xss_clean method is designed to sanitize input data by...