Search criteria
120 vulnerabilities found for codeigniter by codeigniter
FKIE_CVE-2025-54418
Vulnerability from fkie_nvd - Published: 2025-07-28 15:15 - Updated: 2025-08-05 15:46
Severity ?
Summary
CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0646754C-2BA8-40F6-8838-5491EF4FDAA4",
"versionEndExcluding": "4.6.2",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options."
},
{
"lang": "es",
"value": "CodeIgniter es un framework web PHP full-stack. Una vulnerabilidad de inyecci\u00f3n de comandos presente en versiones anteriores a la 4.6.2 afecta a las aplicaciones que usan el manejador ImageMagick para el procesamiento de im\u00e1genes (`imagick` como librer\u00eda de im\u00e1genes) y que permiten la carga de archivos con nombres controlados por el usuario y procesan las im\u00e1genes cargadas usando el m\u00e9todo `resize()` o usan el m\u00e9todo `text()` con contenido de texto u opciones controlados por el usuario. Un atacante puede cargar un archivo con un nombre malicioso que contenga metacaracteres de shell que se ejecuten cuando se procese la imagen o proporcionar contenido de texto malicioso u opciones que se ejecuten al agregar texto a las im\u00e1genes. Los usuarios deben actualizar a la v4.6.2 o posterior para recibir un parche. Como soluci\u00f3n alternativa, cambie al manejador de im\u00e1genes GD (`gd`, el manejador predeterminado), que no se ve afectado por ninguna de las vulnerabilidades. Para la carga de archivos, en lugar de usar nombres de archivo proporcionados por el usuario, genere nombres aleatorios para eliminar el vector de ataque con `getRandomName()` al usar el m\u00e9todo `move()`, o use el m\u00e9todo `store()`, que genera autom\u00e1ticamente nombres de archivo seguros. Para operaciones de texto, si es necesario usar ImageMagick con texto controlado por el usuario, depure la entrada para permitir solo caracteres seguros y valide/restringa las opciones de texto."
}
],
"id": "CVE-2025-54418",
"lastModified": "2025-08-05T15:46:02.750",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-07-28T15:15:26.957",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Not Applicable"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c"
},
{
"source": "security-advisories@github.com",
"tags": [
"Not Applicable"
],
"url": "https://owasp.org/www-community/attacks/Command_Injection"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-24013
Vulnerability from fkie_nvd - Published: 2025-01-20 16:15 - Updated: 2025-08-01 19:17
Severity ?
Summary
CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service’s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3196E89D-4361-48A2-8C3F-F0D0710308FD",
"versionEndExcluding": "4.5.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service\u2019s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8."
},
{
"lang": "es",
"value": "CodeIgniter es una web PHP full-stack framework. Antes de la versi\u00f3n 4.5.8, CodeIgniter carec\u00eda de una validaci\u00f3n de encabezado adecuada para su nombre y valor. El atacante potencial puede construir encabezados malformados deliberadamente con la clase Header. Esto podr\u00eda interrumpir la funcionalidad de la aplicaci\u00f3n, lo que podr\u00eda causar errores o generar solicitudes HTTP no v\u00e1lidas. En algunos casos, estas solicitudes malformadas pueden conducir a un escenario de denegaci\u00f3n de servicio (DoS) si el firewall de la aplicaci\u00f3n web de un servicio remoto las interpreta como maliciosas y bloquea la comunicaci\u00f3n con la aplicaci\u00f3n. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 4.5.8."
}
],
"id": "CVE-2025-24013",
"lastModified": "2025-08-01T19:17:42.790",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-01-20T16:15:28.877",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
],
"url": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2"
},
{
"source": "security-advisories@github.com",
"tags": [
"Not Applicable"
],
"url": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-436"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-41344
Vulnerability from fkie_nvd - Published: 2024-10-15 19:15 - Updated: 2025-08-01 20:36
Severity ?
Summary
A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/264 | Exploit, Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | 3.1.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DDD594-2B3A-4C35-9C4F-122A942A15EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges."
},
{
"lang": "es",
"value": "Cross-Site Request Forgery (CSRF) en Codeigniter 3.1.13 permite a los atacantes cambiar arbitrariamente la contrase\u00f1a del administrador y aumentar los privilegios."
}
],
"id": "CVE-2024-41344",
"lastModified": "2025-08-01T20:36:13.317",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-10-15T19:15:17.287",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/264"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-29904
Vulnerability from fkie_nvd - Published: 2024-03-29 16:15 - Updated: 2025-05-07 17:28
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "270FB1E4-6E17-4EE9-981A-ED54AF580BFE",
"versionEndExcluding": "4.4.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later. \n"
},
{
"lang": "es",
"value": "CodeIgniter es un framework web PHP de pila completa. Se encontr\u00f3 una vulnerabilidad en la clase de lenguaje que permit\u00eda ataques DoS. Un atacante puede aprovechar esta vulnerabilidad para consumir una gran cantidad de memoria en el servidor. Actualice a v4.4.7 o posterior."
}
],
"id": "CVE-2024-29904",
"lastModified": "2025-05-07T17:28:25.530",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-29T16:15:08.593",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-674"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-46240
Vulnerability from fkie_nvd - Published: 2023-10-31 16:15 - Updated: 2024-11-21 08:28
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04B25A7E-3363-492A-A24A-B7D0087E9DAA",
"versionEndExcluding": "4.4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set(\u0027display_errors\u0027, \u00270\u0027)` with `ini_set(\u0027display_errors\u0027, \u0027Off\u0027)` in `app/Config/Boot/production.php`."
},
{
"lang": "es",
"value": "CodeIgniter es un framework web PHP de pila completa. Antes de CodeIgniter4 versi\u00f3n 4.4.3, si se produc\u00eda un error o una excepci\u00f3n, se mostraba un informe de error detallado incluso en el entorno de producci\u00f3n. Como resultado, se puede filtrar informaci\u00f3n confidencial. La versi\u00f3n 4.4.3 contiene un parche. Como workaround, reemplace `ini_set(\u0027display_errors\u0027, \u00270\u0027)` con `ini_set(\u0027display_errors\u0027, \u0027Off\u0027)` en `app/Config/Boot/production.php`."
}
],
"id": "CVE-2023-46240",
"lastModified": "2024-11-21T08:28:08.787",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-31T16:15:09.617",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-32692
Vulnerability from fkie_nvd - Published: 2023-05-30 04:15 - Updated: 2024-11-21 08:03
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94AEF6DC-6C48-4A0E-973E-7AD5B9EFB2A2",
"versionEndExcluding": "4.3.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.\n"
},
{
"lang": "es",
"value": "CodeIgniter es un framework web PHP full-stack. Esta vulnerabilidad permite a los atacantes ejecutar c\u00f3digo arbitrario cuando se utilizan \"Validation Placeholders\". La vulnerabilidad existe en la librer\u00eda \"Validation\" y los m\u00e9todos de validaci\u00f3n en el controlador y la validaci\u00f3n en el modelo son tambi\u00e9n vulnerables porque utilizan la librer\u00eda \"Validation\" internamente. Este problema se ha corregido en la versi\u00f3n 4.3.5. "
}
],
"id": "CVE-2023-32692",
"lastModified": "2024-11-21T08:03:51.783",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-30T04:15:10.097",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-46170
Vulnerability from fkie_nvd - Published: 2022-12-22 19:15 - Updated: 2024-11-21 07:30
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8EEE4F-3F8A-4CC9-9501-87DD6F0FF2B2",
"versionEndExcluding": "4.2.11",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie."
},
{
"lang": "es",
"value": "CodeIgniter es un framework web PHP full-stack. Cuando una aplicaci\u00f3n utiliza (1) m\u00faltiples cookies de sesi\u00f3n (por ejemplo, una para p\u00e1ginas de usuario y otra para p\u00e1ginas de administraci\u00f3n) y (2) un controlador de sesi\u00f3n est\u00e1 configurado en `DatabaseHandler`, `MemcachedHandler` o `RedisHandler`, entonces, si un atacante obtiene una cookie de sesi\u00f3n (por ejemplo, una para p\u00e1ginas de usuario), es posible que pueda acceder a p\u00e1ginas que requieren otra cookie de sesi\u00f3n (por ejemplo, para p\u00e1ginas de administraci\u00f3n). Este problema ha sido solucionado; actualice a la versi\u00f3n 4.2.11 o posterior. Como soluci\u00f3n alternativa, utilice solo una cookie de sesi\u00f3n."
}
],
"id": "CVE-2022-46170",
"lastModified": "2024-11-21T07:30:15.103",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-22T19:15:09.223",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-23556
Vulnerability from fkie_nvd - Published: 2022-12-22 19:15 - Updated: 2024-11-21 06:48
Severity ?
7.0 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\App::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659 | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8EEE4F-3F8A-4CC9-9501-87DD6F0FF2B2",
"versionEndExcluding": "4.2.11",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\\App::$proxyIPs`. As a workaround, do not use `$request-\u003egetIPAddress()`.\n"
},
{
"lang": "es",
"value": "CodeIgniter es un framework web PHP de full-stack. Esta vulnerabilidad puede permitir a los atacantes falsificar su direcci\u00f3n IP cuando el servidor est\u00e1 detr\u00e1s de un proxy inverso. Este problema ha sido solucionado, actualice a la versi\u00f3n 4.2.11 o posterior y configure `Config\\App::$proxyIPs`. Como soluci\u00f3n alternativa, no utilice `$request-\u0026gt;getIPAddress()`."
}
],
"id": "CVE-2022-23556",
"lastModified": "2024-11-21T06:48:48.380",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-22T19:15:09.090",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-40834
Vulnerability from fkie_nvd - Published: 2022-10-07 11:15 - Updated: 2024-11-21 07:22
Severity ?
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA",
"versionEndIncluding": "3.1.13",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability."
},
{
"lang": "es",
"value": "B.C. Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php or_not_like()"
}
],
"id": "CVE-2022-40834",
"lastModified": "2024-11-21T07:22:07.237",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T11:15:11.750",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-40830
Vulnerability from fkie_nvd - Published: 2022-10-07 11:15 - Updated: 2024-11-21 07:22
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA",
"versionEndIncluding": "3.1.13",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability."
},
{
"lang": "es",
"value": "B.C. Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php where_not_in()"
}
],
"id": "CVE-2022-40830",
"lastModified": "2024-11-21T07:22:06.520",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-10-07T11:15:11.433",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-40833
Vulnerability from fkie_nvd - Published: 2022-10-07 11:15 - Updated: 2024-11-21 07:22
Severity ?
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA",
"versionEndIncluding": "3.1.13",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability."
},
{
"lang": "es",
"value": "B.C. Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php or_where_in()"
}
],
"id": "CVE-2022-40833",
"lastModified": "2024-11-21T07:22:07.070",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T11:15:11.667",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-40827
Vulnerability from fkie_nvd - Published: 2022-10-07 11:15 - Updated: 2025-04-09 19:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA",
"versionEndIncluding": "3.1.13",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php where() function. Note: Multiple third parties have disputed this as not a valid vulnerability."
},
{
"lang": "es",
"value": "B.C. Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n system\\database\\DB_query_builder.php where()"
}
],
"id": "CVE-2022-40827",
"lastModified": "2025-04-09T19:15:44.507",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-10-07T11:15:11.173",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-40835
Vulnerability from fkie_nvd - Published: 2022-10-07 11:15 - Updated: 2024-11-21 07:22
Severity ?
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA",
"versionEndIncluding": "3.1.13",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability"
},
{
"lang": "es",
"value": "B.C. Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio del archivo system\\database\\DB_query_builder.php"
}
],
"id": "CVE-2022-40835",
"lastModified": "2024-11-21T07:22:07.380",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T11:15:11.903",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-40831
Vulnerability from fkie_nvd - Published: 2022-10-07 11:15 - Updated: 2024-11-21 07:22
Severity ?
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter | * | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 | |
| codeigniter | codeigniter | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9534CB28-BB53-4CF8-9337-51314C6503BA",
"versionEndIncluding": "3.1.13",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E3D89799-8C31-4A6D-A891-3B445B22C234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "51252C58-6FD7-4F20-A396-9A3A512012AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "684DB479-334E-4D9C-9284-D9FFF0E72383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "222F4332-C4F0-4152-9517-0915B006E304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php like() function. Note: Multiple third parties have disputed this as not a valid vulnerability."
},
{
"lang": "es",
"value": "B.C. Institute of Technology CodeIgniter versiones anteriores a 3.1.13 incluy\u00e9ndola, es vulnerable a una inyecci\u00f3n SQL por medio de la funci\u00f3n like() de system\\database\\DB_query_builder.php"
}
],
"id": "CVE-2022-40831",
"lastModified": "2024-11-21T07:22:06.747",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T11:15:11.507",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-54418 (GCVE-0-2025-54418)
Vulnerability from cvelistv5 – Published: 2025-07-28 14:47 – Updated: 2025-07-28 17:19
VLAI?
Title
CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability
Summary
CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options.
Severity ?
9.8 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.6.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-28T17:19:03.230334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T17:19:14.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.6.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T14:47:20.887Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0"
},
{
"name": "https://cwe.mitre.org/data/definitions/78.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"name": "https://owasp.org/www-community/attacks/Command_Injection",
"tags": [
"x_refsource_MISC"
],
"url": "https://owasp.org/www-community/attacks/Command_Injection"
}
],
"source": {
"advisory": "GHSA-9952-gv64-x94c",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4\u0027s ImageMagick Handler has Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-54418",
"datePublished": "2025-07-28T14:47:20.887Z",
"dateReserved": "2025-07-21T23:18:10.281Z",
"dateUpdated": "2025-07-28T17:19:14.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24013 (GCVE-0-2025-24013)
Vulnerability from cvelistv5 – Published: 2025-01-20 15:57 – Updated: 2025-01-21 14:51
VLAI?
Title
CodeIgniter validation of header name and value
Summary
CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service’s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8.
Severity ?
5.3 (Medium)
CWE
- CWE-436 - Interpretation Conflict
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.5.8
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T14:50:53.085014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T14:51:01.754Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service\u2019s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436: Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-20T15:58:32.110Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6"
},
{
"name": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2"
},
{
"name": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw"
}
],
"source": {
"advisory": "GHSA-x5mq-jjr3-vmx6",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter validation of header name and value"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-24013",
"datePublished": "2025-01-20T15:57:37.975Z",
"dateReserved": "2025-01-16T17:31:06.458Z",
"dateUpdated": "2025-01-21T14:51:01.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41344 (GCVE-0-2024-41344)
Vulnerability from cvelistv5 – Published: 2024-10-15 00:00 – Updated: 2024-10-15 19:25
VLAI?
Summary
A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codeigniter",
"vendor": "codeigniter",
"versions": [
{
"status": "affected",
"version": "3.1.13"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41344",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:14:00.800389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:25:10.969Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T18:52:33.476949",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/264"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-41344",
"datePublished": "2024-10-15T00:00:00",
"dateReserved": "2024-07-18T00:00:00",
"dateUpdated": "2024-10-15T19:25:10.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29904 (GCVE-0-2024-29904)
Vulnerability from cvelistv5 – Published: 2024-03-29 15:32 – Updated: 2024-08-21 22:44
VLAI?
Title
CodeIgniter4 Language class DoS Vulnerability
Summary
CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later.
Severity ?
7.5 (High)
CWE
- CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.4.7
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codeigniter",
"vendor": "codeigniter",
"versions": [
{
"lessThan": "4.4.7",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29904",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-01T20:01:34.809685Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T22:44:16.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.4.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later. \n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-29T15:32:38.686Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0"
}
],
"source": {
"advisory": "GHSA-39fp-mqmm-gxj6",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4 Language class DoS Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-29904",
"datePublished": "2024-03-29T15:32:38.686Z",
"dateReserved": "2024-03-21T15:12:09.000Z",
"dateUpdated": "2024-08-21T22:44:16.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-46240 (GCVE-0-2023-46240)
Vulnerability from cvelistv5 – Published: 2023-10-31 15:03 – Updated: 2024-09-05 17:36
VLAI?
Title
CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment
Summary
CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`.
Severity ?
7.5 (High)
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.4.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:37:40.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563"
},
{
"name": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T17:35:16.659348Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T17:36:02.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set(\u0027display_errors\u0027, \u00270\u0027)` with `ini_set(\u0027display_errors\u0027, \u0027Off\u0027)` in `app/Config/Boot/production.php`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T15:03:51.798Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563"
},
{
"name": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting",
"tags": [
"x_refsource_MISC"
],
"url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting"
}
],
"source": {
"advisory": "GHSA-hwxf-qxj7-7rfj",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46240",
"datePublished": "2023-10-31T15:03:51.798Z",
"dateReserved": "2023-10-19T20:34:00.947Z",
"dateUpdated": "2024-09-05T17:36:02.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32692 (GCVE-0-2023-32692)
Vulnerability from cvelistv5 – Published: 2023-05-30 03:15 – Updated: 2025-01-10 20:38
VLAI?
Title
Remote Code Execution Vulnerability in Validation Placeholders
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.
Severity ?
9.8 (Critical)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.3.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32692",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T20:38:34.423818Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T20:38:42.898Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-30T03:15:01.363Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md"
}
],
"source": {
"advisory": "GHSA-m6m8-6gq8-c9fj",
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution Vulnerability in Validation Placeholders"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-32692",
"datePublished": "2023-05-30T03:15:01.363Z",
"dateReserved": "2023-05-11T16:33:45.733Z",
"dateUpdated": "2025-01-10T20:38:42.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46170 (GCVE-0-2022-46170)
Vulnerability from cvelistv5 – Published: 2022-12-22 18:58 – Updated: 2025-04-15 14:33
VLAI?
Title
CodeIgniter is vulnerable to improper authentication via Session Handlers
Summary
CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie.
Severity ?
8.6 (High)
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.2.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:24:03.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T14:32:54.141561Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:33:06.620Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.2.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-22T18:58:17.658Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328"
}
],
"source": {
"advisory": "GHSA-6cq5-8cj7-g558",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter is vulnerable to improper authentication via Session Handlers"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-46170",
"datePublished": "2022-12-22T18:58:17.658Z",
"dateReserved": "2022-11-28T17:27:19.998Z",
"dateUpdated": "2025-04-15T14:33:06.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23556 (GCVE-0-2022-23556)
Vulnerability from cvelistv5 – Published: 2022-12-22 18:50 – Updated: 2025-04-15 14:37
VLAI?
Title
CodeIgniter is vulnerable to IP address spoofing when using proxy
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\App::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`.
Severity ?
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.2.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23556",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T14:36:49.954898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:37:02.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.2.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\\App::$proxyIPs`. As a workaround, do not use `$request-\u003egetIPAddress()`.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-22T18:50:55.443Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659"
}
],
"source": {
"advisory": "GHSA-ghw3-5qvm-3mqc",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter is vulnerable to IP address spoofing when using proxy"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-23556",
"datePublished": "2022-12-22T18:50:55.443Z",
"dateReserved": "2022-01-19T21:23:53.803Z",
"dateUpdated": "2025-04-15T14:37:02.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-54418 (GCVE-0-2025-54418)
Vulnerability from nvd – Published: 2025-07-28 14:47 – Updated: 2025-07-28 17:19
VLAI?
Title
CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability
Summary
CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options.
Severity ?
9.8 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.6.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-28T17:19:03.230334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T17:19:14.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.6.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T14:47:20.887Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0"
},
{
"name": "https://cwe.mitre.org/data/definitions/78.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"name": "https://owasp.org/www-community/attacks/Command_Injection",
"tags": [
"x_refsource_MISC"
],
"url": "https://owasp.org/www-community/attacks/Command_Injection"
}
],
"source": {
"advisory": "GHSA-9952-gv64-x94c",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4\u0027s ImageMagick Handler has Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-54418",
"datePublished": "2025-07-28T14:47:20.887Z",
"dateReserved": "2025-07-21T23:18:10.281Z",
"dateUpdated": "2025-07-28T17:19:14.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24013 (GCVE-0-2025-24013)
Vulnerability from nvd – Published: 2025-01-20 15:57 – Updated: 2025-01-21 14:51
VLAI?
Title
CodeIgniter validation of header name and value
Summary
CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service’s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8.
Severity ?
5.3 (Medium)
CWE
- CWE-436 - Interpretation Conflict
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.5.8
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T14:50:53.085014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T14:51:01.754Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service\u2019s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436: Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-20T15:58:32.110Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6"
},
{
"name": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2"
},
{
"name": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw"
}
],
"source": {
"advisory": "GHSA-x5mq-jjr3-vmx6",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter validation of header name and value"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-24013",
"datePublished": "2025-01-20T15:57:37.975Z",
"dateReserved": "2025-01-16T17:31:06.458Z",
"dateUpdated": "2025-01-21T14:51:01.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41344 (GCVE-0-2024-41344)
Vulnerability from nvd – Published: 2024-10-15 00:00 – Updated: 2024-10-15 19:25
VLAI?
Summary
A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codeigniter",
"vendor": "codeigniter",
"versions": [
{
"status": "affected",
"version": "3.1.13"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41344",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:14:00.800389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:25:10.969Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T18:52:33.476949",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/264"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-41344",
"datePublished": "2024-10-15T00:00:00",
"dateReserved": "2024-07-18T00:00:00",
"dateUpdated": "2024-10-15T19:25:10.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29904 (GCVE-0-2024-29904)
Vulnerability from nvd – Published: 2024-03-29 15:32 – Updated: 2024-08-21 22:44
VLAI?
Title
CodeIgniter4 Language class DoS Vulnerability
Summary
CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later.
Severity ?
7.5 (High)
CWE
- CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.4.7
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codeigniter",
"vendor": "codeigniter",
"versions": [
{
"lessThan": "4.4.7",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29904",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-01T20:01:34.809685Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T22:44:16.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.4.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later. \n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-29T15:32:38.686Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0"
}
],
"source": {
"advisory": "GHSA-39fp-mqmm-gxj6",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4 Language class DoS Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-29904",
"datePublished": "2024-03-29T15:32:38.686Z",
"dateReserved": "2024-03-21T15:12:09.000Z",
"dateUpdated": "2024-08-21T22:44:16.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-46240 (GCVE-0-2023-46240)
Vulnerability from nvd – Published: 2023-10-31 15:03 – Updated: 2024-09-05 17:36
VLAI?
Title
CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment
Summary
CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`.
Severity ?
7.5 (High)
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.4.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:37:40.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563"
},
{
"name": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T17:35:16.659348Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T17:36:02.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set(\u0027display_errors\u0027, \u00270\u0027)` with `ini_set(\u0027display_errors\u0027, \u0027Off\u0027)` in `app/Config/Boot/production.php`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T15:03:51.798Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563"
},
{
"name": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting",
"tags": [
"x_refsource_MISC"
],
"url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting"
}
],
"source": {
"advisory": "GHSA-hwxf-qxj7-7rfj",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46240",
"datePublished": "2023-10-31T15:03:51.798Z",
"dateReserved": "2023-10-19T20:34:00.947Z",
"dateUpdated": "2024-09-05T17:36:02.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32692 (GCVE-0-2023-32692)
Vulnerability from nvd – Published: 2023-05-30 03:15 – Updated: 2025-01-10 20:38
VLAI?
Title
Remote Code Execution Vulnerability in Validation Placeholders
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.
Severity ?
9.8 (Critical)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.3.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32692",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T20:38:34.423818Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T20:38:42.898Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-30T03:15:01.363Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md"
}
],
"source": {
"advisory": "GHSA-m6m8-6gq8-c9fj",
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution Vulnerability in Validation Placeholders"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-32692",
"datePublished": "2023-05-30T03:15:01.363Z",
"dateReserved": "2023-05-11T16:33:45.733Z",
"dateUpdated": "2025-01-10T20:38:42.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46170 (GCVE-0-2022-46170)
Vulnerability from nvd – Published: 2022-12-22 18:58 – Updated: 2025-04-15 14:33
VLAI?
Title
CodeIgniter is vulnerable to improper authentication via Session Handlers
Summary
CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie.
Severity ?
8.6 (High)
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.2.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:24:03.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T14:32:54.141561Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:33:06.620Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.2.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-22T18:58:17.658Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328"
}
],
"source": {
"advisory": "GHSA-6cq5-8cj7-g558",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter is vulnerable to improper authentication via Session Handlers"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-46170",
"datePublished": "2022-12-22T18:58:17.658Z",
"dateReserved": "2022-11-28T17:27:19.998Z",
"dateUpdated": "2025-04-15T14:33:06.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23556 (GCVE-0-2022-23556)
Vulnerability from nvd – Published: 2022-12-22 18:50 – Updated: 2025-04-15 14:37
VLAI?
Title
CodeIgniter is vulnerable to IP address spoofing when using proxy
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\App::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`.
Severity ?
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.2.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23556",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T14:36:49.954898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:37:02.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.2.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\\App::$proxyIPs`. As a workaround, do not use `$request-\u003egetIPAddress()`.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-22T18:50:55.443Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659"
}
],
"source": {
"advisory": "GHSA-ghw3-5qvm-3mqc",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter is vulnerable to IP address spoofing when using proxy"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-23556",
"datePublished": "2022-12-22T18:50:55.443Z",
"dateReserved": "2022-01-19T21:23:53.803Z",
"dateUpdated": "2025-04-15T14:37:02.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}