codeigniter

Top products

The 15 most recently published vulnerabilities affecting codeigniter.

• CVE-2025-54418CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability9.8Jul 28, 2025
• CVE-2025-24013CodeIgniter validation of header name and value5.3Jan 20, 2025
• CVE-2024-41344A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges.7.5Oct 15, 2024
• CVE-2024-6526CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting3.5Jul 5, 2024
• CVE-2024-29904CodeIgniter4 Language class DoS Vulnerability7.5Mar 29, 2024
• CVE-2023-48707Cleartext Storage of Sensitive Information in codeigniter4/shield5.0Nov 24, 2023
• CVE-2023-48708Insertion of Sensitive Information into Log in codeigniter4/shield5.0Nov 24, 2023
• CVE-2023-46240CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment7.5Oct 31, 2023
• CVE-2023-32692Remote Code Execution Vulnerability in Validation Placeholders9.8May 30, 2023
• CVE-2023-27580CodeIgniter Shield Password Shucking Vulnerability7.5Mar 13, 2023
• CVE-2022-46170CodeIgniter is vulnerable to improper authentication via Session Handlers8.6Dec 22, 2022
• CVE-2022-23556CodeIgniter is vulnerable to IP address spoofing when using proxy7.0Dec 22, 2022
• CVE-2022-40835B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability9.8Oct 7, 2022
• CVE-2022-40834B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as ...9.8Oct 7, 2022
• CVE-2022-40833B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_in() function. Note: Multiple third parties have disputed this as ...9.8Oct 7, 2022