CodeIgniter is vulnerable to sql injection. The vulnerability exists in the or_where
function of DB_query_builder.php
, allowing an attacker to inject and execute malicious sql queries.
CPE | Name | Operator | Version |
---|---|---|---|
bcit-ci/codeigniter | le | 3.1.10 | |
codeigniter/framework | le | 3.1.13 | |
bcit-ci/codeigniter | le | 3.1.10 | |
codeigniter/framework | le | 3.1.13 |