pkg:Bitnami/codeigniter

共 23 筆 CVECRITICAL14HIGH5MEDIUM3LOW1

✅ 檢查你的版本

所有已知漏洞

  • CRITICAL9.8CVE-2022-40824B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where() functi…
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2022-40825B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_in() functi…
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2022-40826B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_having() funct…
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2022-40827B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where() function.
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2022-40828B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_not_in()…
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2022-40829B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_like() functio…
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2022-40830B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() fu…
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2022-40831B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php like() function.
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2022-40832B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php having() function.
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2022-40833B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_in() fun…
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2022-40834B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() fun…
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2022-40835B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php.
    >= 3.0.0, < 3.1.13 | >= 3.0.0, <= 3.0.0 | >= 3.0-rc.0, <= 3.0-rc.0, >= 3.0-rc2.0, <= 3.0-rc2.0, >= 3.0-rc3.0, <= 3.0-rc3.0
  • CRITICAL9.8CVE-2023-32692Remote Code Execution Vulnerability in Validation Placeholders in CodeIgniter4
    from 0, < 4.3.5
  • CRITICAL9.4CVE-2022-24711Remote CLI Command Execution Vulnerability in CodeIgniter4
    >= 4.0.0, < 4.1.9
  • HIGH8.8CVE-2020-10793CodeIgniter Improper Privilege Management
    from 0, < 4.0.0
  • HIGH8.6CVE-2022-46170CodeIgniter4 Potential Session Handlers Vulnerability
    >= 4.0.0, < 4.2.11
  • HIGH7.7CVE-2022-21647Deserialization of Untrusted Data in Codeigniter4
    >= 4.0.0, < 4.1.6
  • HIGH7.5CVE-2023-46240CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment
    from 0, < 4.4.3
  • HIGH7.0CVE-2022-23556CodeIgniter4 allows spoofing of IP address when using proxy
    >= 4.0.0, < 4.2.11
  • MEDIUM6.3CVE-2022-24712Cross-Site Request Forgery (CSRF) Protection Bypass Vulnerability in CodeIgniter4
    >= 4.0.0, < 4.1.9
  • MEDIUM5.9CVE-2022-35943CodeIgniter Shield Vulnerable to SameSite Attackers Bypassing the CSRF Protection
    from 0, < 4.2.3
  • MEDIUM5.4CVE-2022-21715Cross-site Scripting Vulnerability in CodeIgniter4
    >= 4.0.0, < 4.1.8
  • LOW2.6CVE-2022-39284Codeigniter4's Secure or HttpOnly flag set in Config\Cookie is not reflected in Cookies issued
    >= 4.0.0, < 4.2.7