CodeIgniter version 2.1.1 suffers from a cross site scripting filter bypass vulnerability.
3ef2a27952806217b13309e73061a93a5159c4ffa2318c44e42a0fe6cd29d93d
Aplikasi Sistem Sekolah using CodeIgniter 3 versions 3.0.0 through 3.2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
fe65c787aee815dfc8b9290370fcbbbd08d7fe1dc9a91dcb691c3cd4a0a59277
Ecommerce CodeIgniter Bootstrap version 1.0 suffers from a cross site scripting vulnerability.
8067f4fd81733f7b71a1c0e622616e9b01152a86d53a5b22251faef3ddc7b340
CodeIgniter CMS version 4.2.0 suffers from a remote SQL injection vulnerability.
95b28e947fb52c82785b9e221438f8e9b78449cd4019acccc826a0cac2e8875e
LANGO Codeigniter Multilingual Script version 1.0 suffers from a cross site scripting vulnerability.
7ef7a20f78b99c0b6409e9aec1213dcdccc6549054e8bf691f98d9c6cc7f0723
LANGO Codeigniter Multilingual Script version 1.0 suffers from html injection and cross site scripting vulnerabilities.
1a7f46c5730e7ddc22cc65539b4922093c7ff1375817ea40f8170245c2f61333
Code Igniter version 3.1.3 suffers from an HTTP response header injection vulnerability.
e52bee02d270e61fcc601feb04ba41a21c63d1351ad0c4f5b84ee7ac4a8b1654
Takas Classified Codeigniter PHP Classified Ad Script version 1.1 suffers from a remote SQL injection vulnerability.
855deda835837c4de8a4be5bc12b68b7512e89dd5b06a0789a60f412da28513e
Some Seagate Business NAS devices are vulnerable to command execution via a local file include vulnerability hidden in the language parameter of the CodeIgniter session cookie. The vulnerability manifests in the way the language files are included in the code on the login page, and hence is open to attack from users without the need for authentication. The cookie can be easily decrypted using a known static encryption key and re-encrypted once the PHP object string has been modified. This Metasploit module has been tested on the STBN300 device.
0487fb38d28fb3a16f1e6da5666a62aa264281d650c6fa4c8f45c8249d44e294
CodeIgniter versions 2.1.4 suffer from a weakly encrypted cookie vulnerability if the Mcrypt PHP library is not installed.
ecbf837304eedee509b6d4b0af685f95cc4f63942f6dad1dd1b88c9a74a1f9e9
CodeIgniter versions 2.1.4 and below and Kohana versions 3.2.3 and below and 3.3.2 and below suffer from PHP object injection, a timing attack, and a remote code execution vulnerability.
d357c2844cd74c3664747fff941d56d0608de1bd1ced834e031486b9328c8121
Total Shop UK eCommerce, which is based on CodeIgniter version 2.1.2, suffers from a cross site scripting vulnerability.
5152d11e96f30211a557516deffd45d1b790edd8b739f21a1dd10b248c3997c9
Secunia Security Advisory - Dr. Marian Ventuneac has reported a vulnerability in CodeIgniter, which can be exploited by malicious people to conduct cross-site scripting attacks.
5a8ef81e21cde7b8456454f3c3d04d161c2f93d0a4760cbe036489321355de13
ExpressionEngine version 2.2.2 and CodeIgniter version 2.0.3 suffer from filter bypass and cross site scripting vulnerabilities.
fdab17029ae48b80689e4ddd515edc23100d07a8f55741743dc18b289e5b7a22
Secunia Security Advisory - A vulnerability has been discovered in CodeIgniter, which can be exploited by malicious people to compromise a vulnerable system.
b18d86a5fb642803cd19960f7e2a1ec385ad511f3f563004c4b3aaa09fa4a27c
CodeIgniter version 1.0 suffers from a remote file inclusion vulnerability.
aa605de6ddbe44872e07d663bc2e6cdcee145d746d798d00559a53cd8a42f1f8
Secunia Security Advisory - Lukasz Pilorz has reported a vulnerability and a weakness in CodeIgniter, which can be exploited by malicious people to disclose sensitive information and conduct cross-site scripting and header injection attacks.
593ce1d18612b968cf1253aacbd1700fbd35998ce29cb5ac2976271d5fbbe534
CodeIgniter versions below SVN 28.06.2007 suffer from directory traversal and cross site scripting vulnerabilities.
9c844f45f780673c7009cc92946fc378cba3a9fbd7112b32708978958096e5fd