Search
Find a vulnerability
Search criteria
88 vulnerabilities by codeigniter
CVE-2025-54418 (GCVE-0-2025-54418)
Vulnerability from nvd – Published: 2025-07-28 14:47 – Updated: 2025-07-28 17:19
VLAI
Title
CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability
Summary
CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
| https://cwe.mitre.org/data/definitions/78.html | x_refsource_MISC |
| https://owasp.org/www-community/attacks/Command_I… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.6.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-28T17:19:03.230334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T17:19:14.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.6.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T14:47:20.887Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0"
},
{
"name": "https://cwe.mitre.org/data/definitions/78.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"name": "https://owasp.org/www-community/attacks/Command_Injection",
"tags": [
"x_refsource_MISC"
],
"url": "https://owasp.org/www-community/attacks/Command_Injection"
}
],
"source": {
"advisory": "GHSA-9952-gv64-x94c",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4\u0027s ImageMagick Handler has Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-54418",
"datePublished": "2025-07-28T14:47:20.887Z",
"dateReserved": "2025-07-21T23:18:10.281Z",
"dateUpdated": "2025-07-28T17:19:14.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24013 (GCVE-0-2025-24013)
Vulnerability from nvd – Published: 2025-01-20 15:57 – Updated: 2025-01-21 14:51
VLAI
Title
CodeIgniter validation of header name and value
Summary
CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service’s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-436 - Interpretation Conflict
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
| https://datatracker.ietf.org/doc/html/rfc7230#sec… | x_refsource_MISC |
| https://github.com/advisories/GHSA-wxmh-65f7-jcvw | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.5.8
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T14:50:53.085014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T14:51:01.754Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service\u2019s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436: Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-20T15:58:32.110Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6"
},
{
"name": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2"
},
{
"name": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw"
}
],
"source": {
"advisory": "GHSA-x5mq-jjr3-vmx6",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter validation of header name and value"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-24013",
"datePublished": "2025-01-20T15:57:37.975Z",
"dateReserved": "2025-01-16T17:31:06.458Z",
"dateUpdated": "2025-01-21T14:51:01.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41344 (GCVE-0-2024-41344)
Vulnerability from nvd – Published: 2024-10-15 00:00 – Updated: 2024-10-15 19:25
VLAI
Summary
A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter |
Affected:
3.1.13
cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codeigniter",
"vendor": "codeigniter",
"versions": [
{
"status": "affected",
"version": "3.1.13"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41344",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:14:00.800389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:25:10.969Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T18:52:33.476Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/264"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-41344",
"datePublished": "2024-10-15T00:00:00.000Z",
"dateReserved": "2024-07-18T00:00:00.000Z",
"dateUpdated": "2024-10-15T19:25:10.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6526 (GCVE-0-2024-6526)
Vulnerability from nvd – Published: 2024-07-05 13:31 – Updated: 2024-08-01 21:41
VLAI
Title
CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting
Summary
A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument search_title/catName/sub/name/categorie leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 1b3da45308bb6c3f55247d0e99620b600bd85277. It is recommended to apply a patch to fix this issue. The identifier VDB-270369 was assigned to this vulnerability.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Cross Site Scripting
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.270369 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.270369 | signaturepermissions-required |
| https://vuldb.com/?submit.368472 | third-party-advisory |
| https://github.com/kirilkirkov/Ecommerce-CodeIgni… | issue-tracking |
| https://github.com/kirilkirkov/Ecommerce-CodeIgni… | exploitissue-tracking |
| https://github.com/kirilkirkov/Ecommerce-CodeIgni… | patch |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| CodeIgniter | Ecommerce-CodeIgniter-Bootstrap |
Affected:
1998845073cf433bc6c250b0354461fbd84d0e03
|
|
| codeigniter | codeigniter |
Affected:
0 , < 1b3da45
(custom)
cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codeigniter",
"vendor": "codeigniter",
"versions": [
{
"lessThan": "1b3da45",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6526",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-08T14:22:53.940935Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-08T14:25:09.461Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:41:03.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-270369 | CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting",
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.270369"
},
{
"name": "VDB-270369 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.270369"
},
{
"name": "Submit #368472 | CodeIgniter Foundation Codeigniter 3.1.13 Cross Site Scripting",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.368472"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/263"
},
{
"tags": [
"exploit",
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/263#issuecomment-2199387443"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/1b3da45308bb6c3f55247d0e99620b600bd85277"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ecommerce-CodeIgniter-Bootstrap",
"vendor": "CodeIgniter",
"versions": [
{
"status": "affected",
"version": "1998845073cf433bc6c250b0354461fbd84d0e03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Juan Carlos Martinez"
},
{
"lang": "en",
"type": "reporter",
"value": "evilcode52 (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "evilcode52 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument search_title/catName/sub/name/categorie leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 1b3da45308bb6c3f55247d0e99620b600bd85277. It is recommended to apply a patch to fix this issue. The identifier VDB-270369 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in CodeIgniter Ecommerce-CodeIgniter-Bootstrap bis 1998845073cf433bc6c250b0354461fbd84d0e03 entdeckt. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf. Dank der Manipulation des Arguments search_title/catName/sub/name/categorie mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Der Patch wird als 1b3da45308bb6c3f55247d0e99620b600bd85277 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T18:28:27.978Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-270369 | CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.270369"
},
{
"name": "VDB-270369 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.270369"
},
{
"name": "Submit #368472 | CodeIgniter Foundation Codeigniter 3.1.13 Cross Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.368472"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/263"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/263#issuecomment-2199387443"
},
{
"tags": [
"patch"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/1b3da45308bb6c3f55247d0e99620b600bd85277"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-05T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-07-05T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-07-09T20:30:24.000Z",
"value": "VulDB entry last update"
}
],
"title": "CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-6526",
"datePublished": "2024-07-05T13:31:04.482Z",
"dateReserved": "2024-07-05T05:43:30.746Z",
"dateUpdated": "2024-08-01T21:41:03.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29904 (GCVE-0-2024-29904)
Vulnerability from nvd – Published: 2024-03-29 15:32 – Updated: 2024-08-21 22:44
VLAI
Title
CodeIgniter4 Language class DoS Vulnerability
Summary
CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.4.7
|
|
| codeigniter | codeigniter |
Affected:
4.0 , < 4.4.7
(custom)
cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codeigniter",
"vendor": "codeigniter",
"versions": [
{
"lessThan": "4.4.7",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29904",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-01T20:01:34.809685Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T22:44:16.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.4.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later. \n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-29T15:32:38.686Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0"
}
],
"source": {
"advisory": "GHSA-39fp-mqmm-gxj6",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4 Language class DoS Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-29904",
"datePublished": "2024-03-29T15:32:38.686Z",
"dateReserved": "2024-03-21T15:12:09.000Z",
"dateUpdated": "2024-08-21T22:44:16.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48708 (GCVE-0-2023-48708)
Vulnerability from nvd – Published: 2023-11-24 17:16 – Updated: 2024-08-02 21:37
VLAI
Title
Insertion of Sensitive Information into Log in codeigniter4/shield
Summary
CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. In affected versions successful login attempts are recorded with the raw tokens stored in the log table. If a malicious person somehow views the data in the log table they can obtain a raw token which can then be used to send a request with that user's authority. This issue has been addressed in version 1.0.0-beta.8. Users are advised to upgrade. Users unable to upgrade should disable logging for successful login attempts by the configuration files.
Severity
5 (Medium)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/shield/security/a… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/shield/commit/7e8… | x_refsource_MISC |
| https://codeigniter4.github.io/shield/getting_sta… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | shield |
Affected:
< 1.0.0-beta.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:54.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-j72f-h752-mx4w",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-j72f-h752-mx4w"
},
{
"name": "https://github.com/codeigniter4/shield/commit/7e84c3fb3411294f70890819bfe51781bb9dc8e4",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/commit/7e84c3fb3411294f70890819bfe51781bb9dc8e4"
},
{
"name": "https://codeigniter4.github.io/shield/getting_started/authenticators/",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://codeigniter4.github.io/shield/getting_started/authenticators/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "shield",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.0-beta.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. In affected versions successful login attempts are recorded with the raw tokens stored in the log table. If a malicious person somehow views the data in the log table they can obtain a raw token which can then be used to send a request with that user\u0027s authority. This issue has been addressed in version 1.0.0-beta.8. Users are advised to upgrade. Users unable to upgrade should disable logging for successful login attempts by the configuration files."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-24T17:16:15.732Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-j72f-h752-mx4w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-j72f-h752-mx4w"
},
{
"name": "https://github.com/codeigniter4/shield/commit/7e84c3fb3411294f70890819bfe51781bb9dc8e4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/shield/commit/7e84c3fb3411294f70890819bfe51781bb9dc8e4"
},
{
"name": "https://codeigniter4.github.io/shield/getting_started/authenticators/",
"tags": [
"x_refsource_MISC"
],
"url": "https://codeigniter4.github.io/shield/getting_started/authenticators/"
}
],
"source": {
"advisory": "GHSA-j72f-h752-mx4w",
"discovery": "UNKNOWN"
},
"title": "Insertion of Sensitive Information into Log in codeigniter4/shield"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48708",
"datePublished": "2023-11-24T17:16:15.732Z",
"dateReserved": "2023-11-17T19:43:37.554Z",
"dateUpdated": "2024-08-02T21:37:54.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48707 (GCVE-0-2023-48707)
Vulnerability from nvd – Published: 2023-11-24 17:23 – Updated: 2024-08-02 21:37
VLAI
Title
Cleartext Storage of Sensitive Information in codeigniter4/shield
Summary
CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. The `secretKey` value is an important key for HMAC SHA256 authentication and in affected versions was stored in the database in cleartext form. If a malicious person somehow had access to the data in the database, they could use the key and secretKey for HMAC SHA256 authentication to send requests impersonating that corresponding user. This issue has been addressed in version 1.0.0-beta.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity
5 (Medium)
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/shield/security/a… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/shield/commit/f77… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | shield |
Affected:
< 1.0.0-beta.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:54.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-v427-c49j-8w6x",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-v427-c49j-8w6x"
},
{
"name": "https://github.com/codeigniter4/shield/commit/f77c6ae20275ac1245330a2b9a523bf7e6f6202f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/commit/f77c6ae20275ac1245330a2b9a523bf7e6f6202f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "shield",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.0-beta.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. The `secretKey` value is an important key for HMAC SHA256 authentication and in affected versions was stored in the database in cleartext form. If a malicious person somehow had access to the data in the database, they could use the key and secretKey for HMAC SHA256 authentication to send requests impersonating that corresponding user. This issue has been addressed in version 1.0.0-beta.8. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312: Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-24T17:23:34.798Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-v427-c49j-8w6x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-v427-c49j-8w6x"
},
{
"name": "https://github.com/codeigniter4/shield/commit/f77c6ae20275ac1245330a2b9a523bf7e6f6202f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/shield/commit/f77c6ae20275ac1245330a2b9a523bf7e6f6202f"
}
],
"source": {
"advisory": "GHSA-v427-c49j-8w6x",
"discovery": "UNKNOWN"
},
"title": "Cleartext Storage of Sensitive Information in codeigniter4/shield"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48707",
"datePublished": "2023-11-24T17:23:34.798Z",
"dateReserved": "2023-11-17T19:43:37.554Z",
"dateUpdated": "2024-08-02T21:37:54.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-46240 (GCVE-0-2023-46240)
Vulnerability from nvd – Published: 2023-10-31 15:03 – Updated: 2024-09-05 17:36
VLAI
Title
CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment
Summary
CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
| https://codeigniter4.github.io/userguide/general/… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.4.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:37:40.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563"
},
{
"name": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T17:35:16.659348Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T17:36:02.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set(\u0027display_errors\u0027, \u00270\u0027)` with `ini_set(\u0027display_errors\u0027, \u0027Off\u0027)` in `app/Config/Boot/production.php`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T15:03:51.798Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563"
},
{
"name": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting",
"tags": [
"x_refsource_MISC"
],
"url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting"
}
],
"source": {
"advisory": "GHSA-hwxf-qxj7-7rfj",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46240",
"datePublished": "2023-10-31T15:03:51.798Z",
"dateReserved": "2023-10-19T20:34:00.947Z",
"dateUpdated": "2024-09-05T17:36:02.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32692 (GCVE-0-2023-32692)
Vulnerability from nvd – Published: 2023-05-30 03:15 – Updated: 2025-01-10 20:38
VLAI
Title
Remote Code Execution Vulnerability in Validation Placeholders
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/blob… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.3.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32692",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T20:38:34.423818Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T20:38:42.898Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-30T03:15:01.363Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md"
}
],
"source": {
"advisory": "GHSA-m6m8-6gq8-c9fj",
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution Vulnerability in Validation Placeholders"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-32692",
"datePublished": "2023-05-30T03:15:01.363Z",
"dateReserved": "2023-05-11T16:33:45.733Z",
"dateUpdated": "2025-01-10T20:38:42.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27580 (GCVE-0-2023-27580)
Vulnerability from nvd – Published: 2023-03-13 17:14 – Updated: 2025-02-25 14:58
VLAI
Title
CodeIgniter Shield Password Shucking Vulnerability
Summary
CodeIgniter Shield provides authentication and authorization for the CodeIgniter 4 PHP framework. An improper implementation was found in the password storage process. All hashed passwords stored in Shield v1.0.0-beta.3 or earlier are easier to crack than expected due to the vulnerability. Therefore, they should be removed as soon as possible. If an attacker gets (1) the user's hashed password by Shield, and (2) the hashed password (SHA-384 hash without salt) from somewhere, the attacker may easily crack the user's password. Upgrade to Shield v1.0.0-beta.4 or later to fix this issue. After upgrading, all users’ hashed passwords should be updated (saved to the database). There are no known workarounds.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-916 - Use of Password Hash With Insufficient Computational Effort
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/shield/security/a… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/shield/commit/ea9… | x_refsource_MISC |
| https://blog.ircmaxell.com/2015/03/security-issue… | x_refsource_MISC |
| https://cheatsheetseries.owasp.org/cheatsheets/Pa… | x_refsource_MISC |
| https://github.com/codeigniter4/shield/blob/devel… | x_refsource_MISC |
| https://www.scottbrady91.com/authentication/bewar… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | shield |
Affected:
< 1.0.0-beta.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:35.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-c5vj-f36q-p9vg",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-c5vj-f36q-p9vg"
},
{
"name": "https://github.com/codeigniter4/shield/commit/ea9688dd01d100193d834117dbfc2cfabcf9ea0b",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/commit/ea9688dd01d100193d834117dbfc2cfabcf9ea0b"
},
{
"name": "https://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html"
},
{
"name": "https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pre-hashing-passwords",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pre-hashing-passwords"
},
{
"name": "https://github.com/codeigniter4/shield/blob/develop/UPGRADING.md",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/blob/develop/UPGRADING.md"
},
{
"name": "https://www.scottbrady91.com/authentication/beware-of-password-shucking",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.scottbrady91.com/authentication/beware-of-password-shucking"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27580",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-25T14:31:16.695445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-25T14:58:30.664Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shield",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.0-beta.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter Shield provides authentication and authorization for the CodeIgniter 4 PHP framework. An improper implementation was found in the password storage process. All hashed passwords stored in Shield v1.0.0-beta.3 or earlier are easier to crack than expected due to the vulnerability. Therefore, they should be removed as soon as possible. If an attacker gets (1) the user\u0027s hashed password by Shield, and (2) the hashed password (SHA-384 hash without salt) from somewhere, the attacker may easily crack the user\u0027s password. Upgrade to Shield v1.0.0-beta.4 or later to fix this issue. After upgrading, all users\u2019 hashed passwords should be updated (saved to the database). There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-916",
"description": "CWE-916: Use of Password Hash With Insufficient Computational Effort",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-13T17:14:58.687Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-c5vj-f36q-p9vg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-c5vj-f36q-p9vg"
},
{
"name": "https://github.com/codeigniter4/shield/commit/ea9688dd01d100193d834117dbfc2cfabcf9ea0b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/shield/commit/ea9688dd01d100193d834117dbfc2cfabcf9ea0b"
},
{
"name": "https://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html"
},
{
"name": "https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pre-hashing-passwords",
"tags": [
"x_refsource_MISC"
],
"url": "https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pre-hashing-passwords"
},
{
"name": "https://github.com/codeigniter4/shield/blob/develop/UPGRADING.md",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/shield/blob/develop/UPGRADING.md"
},
{
"name": "https://www.scottbrady91.com/authentication/beware-of-password-shucking",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.scottbrady91.com/authentication/beware-of-password-shucking"
}
],
"source": {
"advisory": "GHSA-c5vj-f36q-p9vg",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter Shield Password Shucking Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-27580",
"datePublished": "2023-03-13T17:14:58.687Z",
"dateReserved": "2023-03-04T01:03:53.633Z",
"dateUpdated": "2025-02-25T14:58:30.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46170 (GCVE-0-2022-46170)
Vulnerability from nvd – Published: 2022-12-22 18:58 – Updated: 2025-04-15 14:33
VLAI
Title
CodeIgniter is vulnerable to improper authentication via Session Handlers
Summary
CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.2.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:24:03.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T14:32:54.141561Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:33:06.620Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.2.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-22T18:58:17.658Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328"
}
],
"source": {
"advisory": "GHSA-6cq5-8cj7-g558",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter is vulnerable to improper authentication via Session Handlers"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-46170",
"datePublished": "2022-12-22T18:58:17.658Z",
"dateReserved": "2022-11-28T17:27:19.998Z",
"dateUpdated": "2025-04-15T14:33:06.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23556 (GCVE-0-2022-23556)
Vulnerability from nvd – Published: 2022-12-22 18:50 – Updated: 2025-04-15 14:37
VLAI
Title
CodeIgniter is vulnerable to IP address spoofing when using proxy
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\App::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.2.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23556",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T14:36:49.954898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:37:02.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.2.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\\App::$proxyIPs`. As a workaround, do not use `$request-\u003egetIPAddress()`.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-22T18:50:55.443Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659"
}
],
"source": {
"advisory": "GHSA-ghw3-5qvm-3mqc",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter is vulnerable to IP address spoofing when using proxy"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-23556",
"datePublished": "2022-12-22T18:50:55.443Z",
"dateReserved": "2022-01-19T21:23:53.803Z",
"dateUpdated": "2025-04-15T14:37:02.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40835 (GCVE-0-2022-40835)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-03 12:28 Disputed
VLAI
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:28:42.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T20:17:37.371Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-40835",
"datePublished": "2022-10-07T00:00:00.000Z",
"dateReserved": "2022-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T12:28:42.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40834 (GCVE-0-2022-40834)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-03 12:28 Disputed
VLAI
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:28:42.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T20:19:16.755Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-40834",
"datePublished": "2022-10-07T00:00:00.000Z",
"dateReserved": "2022-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T12:28:42.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40833 (GCVE-0-2022-40833)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-03 12:28 Disputed
VLAI
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40833",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-20T18:14:05.745479Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:15:37.441Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:28:42.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T20:20:01.424Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-40833",
"datePublished": "2022-10-07T00:00:00.000Z",
"dateReserved": "2022-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T12:28:42.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40832 (GCVE-0-2022-40832)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-03 12:28 Disputed
VLAI
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php having() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:28:42.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php having() function. Note: Multiple third parties have disputed this as not a valid vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T20:20:57.690Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-40832",
"datePublished": "2022-10-07T00:00:00.000Z",
"dateReserved": "2022-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T12:28:42.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40831 (GCVE-0-2022-40831)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-03 12:28 Disputed
VLAI
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:28:42.882Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php like() function. Note: Multiple third parties have disputed this as not a valid vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T20:21:43.519Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-40831",
"datePublished": "2022-10-07T00:00:00.000Z",
"dateReserved": "2022-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T12:28:42.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40830 (GCVE-0-2022-40830)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-03 12:28 Disputed
VLAI
Summary
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter |
Affected:
0 , ≤ 3.1.13
(custom)
cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codeigniter",
"vendor": "codeigniter",
"versions": [
{
"lessThanOrEqual": "3.1.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-40830",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-18T19:08:45.528803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T19:15:21.322Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:28:42.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T20:22:22.788Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"
},
{
"url": "https://github.com/bcit-ci/CodeIgniter/issues/6161"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-40830",
"datePublished": "2022-10-07T00:00:00.000Z",
"dateReserved": "2022-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T12:28:42.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-54418 (GCVE-0-2025-54418)
Vulnerability from cvelistv5 – Published: 2025-07-28 14:47 – Updated: 2025-07-28 17:19
VLAI
Title
CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability
Summary
CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
| https://cwe.mitre.org/data/definitions/78.html | x_refsource_MISC |
| https://owasp.org/www-community/attacks/Command_I… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.6.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-28T17:19:03.230334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T17:19:14.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.6.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T14:47:20.887Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-9952-gv64-x94c"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/e18120bff1da691e1d15ffc1bf553ae7411762c0"
},
{
"name": "https://cwe.mitre.org/data/definitions/78.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"name": "https://owasp.org/www-community/attacks/Command_Injection",
"tags": [
"x_refsource_MISC"
],
"url": "https://owasp.org/www-community/attacks/Command_Injection"
}
],
"source": {
"advisory": "GHSA-9952-gv64-x94c",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4\u0027s ImageMagick Handler has Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-54418",
"datePublished": "2025-07-28T14:47:20.887Z",
"dateReserved": "2025-07-21T23:18:10.281Z",
"dateUpdated": "2025-07-28T17:19:14.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24013 (GCVE-0-2025-24013)
Vulnerability from cvelistv5 – Published: 2025-01-20 15:57 – Updated: 2025-01-21 14:51
VLAI
Title
CodeIgniter validation of header name and value
Summary
CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service’s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-436 - Interpretation Conflict
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
| https://datatracker.ietf.org/doc/html/rfc7230#sec… | x_refsource_MISC |
| https://github.com/advisories/GHSA-wxmh-65f7-jcvw | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.5.8
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T14:50:53.085014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T14:51:01.754Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.5.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service\u2019s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436: Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-20T15:58:32.110Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6"
},
{
"name": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://datatracker.ietf.org/doc/html/rfc7230#section-3.2"
},
{
"name": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw"
}
],
"source": {
"advisory": "GHSA-x5mq-jjr3-vmx6",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter validation of header name and value"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-24013",
"datePublished": "2025-01-20T15:57:37.975Z",
"dateReserved": "2025-01-16T17:31:06.458Z",
"dateUpdated": "2025-01-21T14:51:01.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41344 (GCVE-0-2024-41344)
Vulnerability from cvelistv5 – Published: 2024-10-15 00:00 – Updated: 2024-10-15 19:25
VLAI
Summary
A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter | codeigniter |
Affected:
3.1.13
cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codeigniter",
"vendor": "codeigniter",
"versions": [
{
"status": "affected",
"version": "3.1.13"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41344",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:14:00.800389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:25:10.969Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T18:52:33.476Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/264"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-41344",
"datePublished": "2024-10-15T00:00:00.000Z",
"dateReserved": "2024-07-18T00:00:00.000Z",
"dateUpdated": "2024-10-15T19:25:10.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6526 (GCVE-0-2024-6526)
Vulnerability from cvelistv5 – Published: 2024-07-05 13:31 – Updated: 2024-08-01 21:41
VLAI
Title
CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting
Summary
A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument search_title/catName/sub/name/categorie leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 1b3da45308bb6c3f55247d0e99620b600bd85277. It is recommended to apply a patch to fix this issue. The identifier VDB-270369 was assigned to this vulnerability.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Cross Site Scripting
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.270369 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.270369 | signaturepermissions-required |
| https://vuldb.com/?submit.368472 | third-party-advisory |
| https://github.com/kirilkirkov/Ecommerce-CodeIgni… | issue-tracking |
| https://github.com/kirilkirkov/Ecommerce-CodeIgni… | exploitissue-tracking |
| https://github.com/kirilkirkov/Ecommerce-CodeIgni… | patch |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| CodeIgniter | Ecommerce-CodeIgniter-Bootstrap |
Affected:
1998845073cf433bc6c250b0354461fbd84d0e03
|
|
| codeigniter | codeigniter |
Affected:
0 , < 1b3da45
(custom)
cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codeigniter",
"vendor": "codeigniter",
"versions": [
{
"lessThan": "1b3da45",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6526",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-08T14:22:53.940935Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-08T14:25:09.461Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:41:03.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-270369 | CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting",
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.270369"
},
{
"name": "VDB-270369 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.270369"
},
{
"name": "Submit #368472 | CodeIgniter Foundation Codeigniter 3.1.13 Cross Site Scripting",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.368472"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/263"
},
{
"tags": [
"exploit",
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/263#issuecomment-2199387443"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/1b3da45308bb6c3f55247d0e99620b600bd85277"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ecommerce-CodeIgniter-Bootstrap",
"vendor": "CodeIgniter",
"versions": [
{
"status": "affected",
"version": "1998845073cf433bc6c250b0354461fbd84d0e03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Juan Carlos Martinez"
},
{
"lang": "en",
"type": "reporter",
"value": "evilcode52 (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "evilcode52 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument search_title/catName/sub/name/categorie leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 1b3da45308bb6c3f55247d0e99620b600bd85277. It is recommended to apply a patch to fix this issue. The identifier VDB-270369 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in CodeIgniter Ecommerce-CodeIgniter-Bootstrap bis 1998845073cf433bc6c250b0354461fbd84d0e03 entdeckt. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf. Dank der Manipulation des Arguments search_title/catName/sub/name/categorie mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Der Patch wird als 1b3da45308bb6c3f55247d0e99620b600bd85277 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T18:28:27.978Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-270369 | CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.270369"
},
{
"name": "VDB-270369 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.270369"
},
{
"name": "Submit #368472 | CodeIgniter Foundation Codeigniter 3.1.13 Cross Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.368472"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/263"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/263#issuecomment-2199387443"
},
{
"tags": [
"patch"
],
"url": "https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/1b3da45308bb6c3f55247d0e99620b600bd85277"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-05T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-07-05T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-07-09T20:30:24.000Z",
"value": "VulDB entry last update"
}
],
"title": "CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-6526",
"datePublished": "2024-07-05T13:31:04.482Z",
"dateReserved": "2024-07-05T05:43:30.746Z",
"dateUpdated": "2024-08-01T21:41:03.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29904 (GCVE-0-2024-29904)
Vulnerability from cvelistv5 – Published: 2024-03-29 15:32 – Updated: 2024-08-21 22:44
VLAI
Title
CodeIgniter4 Language class DoS Vulnerability
Summary
CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.4.7
|
|
| codeigniter | codeigniter |
Affected:
4.0 , < 4.4.7
(custom)
cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codeigniter",
"vendor": "codeigniter",
"versions": [
{
"lessThan": "4.4.7",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29904",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-01T20:01:34.809685Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T22:44:16.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.4.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later. \n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-29T15:32:38.686Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-39fp-mqmm-gxj6"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/fa851acbae7ae4c5a97f8f38ae87aa0822a334c0"
}
],
"source": {
"advisory": "GHSA-39fp-mqmm-gxj6",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4 Language class DoS Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-29904",
"datePublished": "2024-03-29T15:32:38.686Z",
"dateReserved": "2024-03-21T15:12:09.000Z",
"dateUpdated": "2024-08-21T22:44:16.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48707 (GCVE-0-2023-48707)
Vulnerability from cvelistv5 – Published: 2023-11-24 17:23 – Updated: 2024-08-02 21:37
VLAI
Title
Cleartext Storage of Sensitive Information in codeigniter4/shield
Summary
CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. The `secretKey` value is an important key for HMAC SHA256 authentication and in affected versions was stored in the database in cleartext form. If a malicious person somehow had access to the data in the database, they could use the key and secretKey for HMAC SHA256 authentication to send requests impersonating that corresponding user. This issue has been addressed in version 1.0.0-beta.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity
5 (Medium)
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/shield/security/a… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/shield/commit/f77… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | shield |
Affected:
< 1.0.0-beta.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:54.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-v427-c49j-8w6x",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-v427-c49j-8w6x"
},
{
"name": "https://github.com/codeigniter4/shield/commit/f77c6ae20275ac1245330a2b9a523bf7e6f6202f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/commit/f77c6ae20275ac1245330a2b9a523bf7e6f6202f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "shield",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.0-beta.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. The `secretKey` value is an important key for HMAC SHA256 authentication and in affected versions was stored in the database in cleartext form. If a malicious person somehow had access to the data in the database, they could use the key and secretKey for HMAC SHA256 authentication to send requests impersonating that corresponding user. This issue has been addressed in version 1.0.0-beta.8. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312: Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-24T17:23:34.798Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-v427-c49j-8w6x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-v427-c49j-8w6x"
},
{
"name": "https://github.com/codeigniter4/shield/commit/f77c6ae20275ac1245330a2b9a523bf7e6f6202f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/shield/commit/f77c6ae20275ac1245330a2b9a523bf7e6f6202f"
}
],
"source": {
"advisory": "GHSA-v427-c49j-8w6x",
"discovery": "UNKNOWN"
},
"title": "Cleartext Storage of Sensitive Information in codeigniter4/shield"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48707",
"datePublished": "2023-11-24T17:23:34.798Z",
"dateReserved": "2023-11-17T19:43:37.554Z",
"dateUpdated": "2024-08-02T21:37:54.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48708 (GCVE-0-2023-48708)
Vulnerability from cvelistv5 – Published: 2023-11-24 17:16 – Updated: 2024-08-02 21:37
VLAI
Title
Insertion of Sensitive Information into Log in codeigniter4/shield
Summary
CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. In affected versions successful login attempts are recorded with the raw tokens stored in the log table. If a malicious person somehow views the data in the log table they can obtain a raw token which can then be used to send a request with that user's authority. This issue has been addressed in version 1.0.0-beta.8. Users are advised to upgrade. Users unable to upgrade should disable logging for successful login attempts by the configuration files.
Severity
5 (Medium)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/shield/security/a… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/shield/commit/7e8… | x_refsource_MISC |
| https://codeigniter4.github.io/shield/getting_sta… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | shield |
Affected:
< 1.0.0-beta.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:54.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-j72f-h752-mx4w",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-j72f-h752-mx4w"
},
{
"name": "https://github.com/codeigniter4/shield/commit/7e84c3fb3411294f70890819bfe51781bb9dc8e4",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/commit/7e84c3fb3411294f70890819bfe51781bb9dc8e4"
},
{
"name": "https://codeigniter4.github.io/shield/getting_started/authenticators/",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://codeigniter4.github.io/shield/getting_started/authenticators/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "shield",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.0-beta.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. In affected versions successful login attempts are recorded with the raw tokens stored in the log table. If a malicious person somehow views the data in the log table they can obtain a raw token which can then be used to send a request with that user\u0027s authority. This issue has been addressed in version 1.0.0-beta.8. Users are advised to upgrade. Users unable to upgrade should disable logging for successful login attempts by the configuration files."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-24T17:16:15.732Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-j72f-h752-mx4w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-j72f-h752-mx4w"
},
{
"name": "https://github.com/codeigniter4/shield/commit/7e84c3fb3411294f70890819bfe51781bb9dc8e4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/shield/commit/7e84c3fb3411294f70890819bfe51781bb9dc8e4"
},
{
"name": "https://codeigniter4.github.io/shield/getting_started/authenticators/",
"tags": [
"x_refsource_MISC"
],
"url": "https://codeigniter4.github.io/shield/getting_started/authenticators/"
}
],
"source": {
"advisory": "GHSA-j72f-h752-mx4w",
"discovery": "UNKNOWN"
},
"title": "Insertion of Sensitive Information into Log in codeigniter4/shield"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48708",
"datePublished": "2023-11-24T17:16:15.732Z",
"dateReserved": "2023-11-17T19:43:37.554Z",
"dateUpdated": "2024-08-02T21:37:54.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-46240 (GCVE-0-2023-46240)
Vulnerability from cvelistv5 – Published: 2023-10-31 15:03 – Updated: 2024-09-05 17:36
VLAI
Title
CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment
Summary
CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
| https://codeigniter4.github.io/userguide/general/… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.4.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:37:40.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563"
},
{
"name": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T17:35:16.659348Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T17:36:02.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set(\u0027display_errors\u0027, \u00270\u0027)` with `ini_set(\u0027display_errors\u0027, \u0027Off\u0027)` in `app/Config/Boot/production.php`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T15:03:51.798Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563"
},
{
"name": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting",
"tags": [
"x_refsource_MISC"
],
"url": "https://codeigniter4.github.io/userguide/general/errors.html#error-reporting"
}
],
"source": {
"advisory": "GHSA-hwxf-qxj7-7rfj",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46240",
"datePublished": "2023-10-31T15:03:51.798Z",
"dateReserved": "2023-10-19T20:34:00.947Z",
"dateUpdated": "2024-09-05T17:36:02.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32692 (GCVE-0-2023-32692)
Vulnerability from cvelistv5 – Published: 2023-05-30 03:15 – Updated: 2025-01-10 20:38
VLAI
Title
Remote Code Execution Vulnerability in Validation Placeholders
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/blob… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.3.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32692",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T20:38:34.423818Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T20:38:42.898Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-30T03:15:01.363Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-m6m8-6gq8-c9fj"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/blob/develop/CHANGELOG.md"
}
],
"source": {
"advisory": "GHSA-m6m8-6gq8-c9fj",
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution Vulnerability in Validation Placeholders"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-32692",
"datePublished": "2023-05-30T03:15:01.363Z",
"dateReserved": "2023-05-11T16:33:45.733Z",
"dateUpdated": "2025-01-10T20:38:42.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27580 (GCVE-0-2023-27580)
Vulnerability from cvelistv5 – Published: 2023-03-13 17:14 – Updated: 2025-02-25 14:58
VLAI
Title
CodeIgniter Shield Password Shucking Vulnerability
Summary
CodeIgniter Shield provides authentication and authorization for the CodeIgniter 4 PHP framework. An improper implementation was found in the password storage process. All hashed passwords stored in Shield v1.0.0-beta.3 or earlier are easier to crack than expected due to the vulnerability. Therefore, they should be removed as soon as possible. If an attacker gets (1) the user's hashed password by Shield, and (2) the hashed password (SHA-384 hash without salt) from somewhere, the attacker may easily crack the user's password. Upgrade to Shield v1.0.0-beta.4 or later to fix this issue. After upgrading, all users’ hashed passwords should be updated (saved to the database). There are no known workarounds.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-916 - Use of Password Hash With Insufficient Computational Effort
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/shield/security/a… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/shield/commit/ea9… | x_refsource_MISC |
| https://blog.ircmaxell.com/2015/03/security-issue… | x_refsource_MISC |
| https://cheatsheetseries.owasp.org/cheatsheets/Pa… | x_refsource_MISC |
| https://github.com/codeigniter4/shield/blob/devel… | x_refsource_MISC |
| https://www.scottbrady91.com/authentication/bewar… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | shield |
Affected:
< 1.0.0-beta.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:35.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-c5vj-f36q-p9vg",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-c5vj-f36q-p9vg"
},
{
"name": "https://github.com/codeigniter4/shield/commit/ea9688dd01d100193d834117dbfc2cfabcf9ea0b",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/commit/ea9688dd01d100193d834117dbfc2cfabcf9ea0b"
},
{
"name": "https://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html"
},
{
"name": "https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pre-hashing-passwords",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pre-hashing-passwords"
},
{
"name": "https://github.com/codeigniter4/shield/blob/develop/UPGRADING.md",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/shield/blob/develop/UPGRADING.md"
},
{
"name": "https://www.scottbrady91.com/authentication/beware-of-password-shucking",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.scottbrady91.com/authentication/beware-of-password-shucking"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27580",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-25T14:31:16.695445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-25T14:58:30.664Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shield",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.0-beta.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter Shield provides authentication and authorization for the CodeIgniter 4 PHP framework. An improper implementation was found in the password storage process. All hashed passwords stored in Shield v1.0.0-beta.3 or earlier are easier to crack than expected due to the vulnerability. Therefore, they should be removed as soon as possible. If an attacker gets (1) the user\u0027s hashed password by Shield, and (2) the hashed password (SHA-384 hash without salt) from somewhere, the attacker may easily crack the user\u0027s password. Upgrade to Shield v1.0.0-beta.4 or later to fix this issue. After upgrading, all users\u2019 hashed passwords should be updated (saved to the database). There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-916",
"description": "CWE-916: Use of Password Hash With Insufficient Computational Effort",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-13T17:14:58.687Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/shield/security/advisories/GHSA-c5vj-f36q-p9vg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/shield/security/advisories/GHSA-c5vj-f36q-p9vg"
},
{
"name": "https://github.com/codeigniter4/shield/commit/ea9688dd01d100193d834117dbfc2cfabcf9ea0b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/shield/commit/ea9688dd01d100193d834117dbfc2cfabcf9ea0b"
},
{
"name": "https://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html"
},
{
"name": "https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pre-hashing-passwords",
"tags": [
"x_refsource_MISC"
],
"url": "https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pre-hashing-passwords"
},
{
"name": "https://github.com/codeigniter4/shield/blob/develop/UPGRADING.md",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/shield/blob/develop/UPGRADING.md"
},
{
"name": "https://www.scottbrady91.com/authentication/beware-of-password-shucking",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.scottbrady91.com/authentication/beware-of-password-shucking"
}
],
"source": {
"advisory": "GHSA-c5vj-f36q-p9vg",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter Shield Password Shucking Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-27580",
"datePublished": "2023-03-13T17:14:58.687Z",
"dateReserved": "2023-03-04T01:03:53.633Z",
"dateUpdated": "2025-02-25T14:58:30.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46170 (GCVE-0-2022-46170)
Vulnerability from cvelistv5 – Published: 2022-12-22 18:58 – Updated: 2025-04-15 14:33
VLAI
Title
CodeIgniter is vulnerable to improper authentication via Session Handlers
Summary
CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.2.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:24:03.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T14:32:54.141561Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:33:06.620Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.2.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to `DatabaseHandler`, `MemcachedHandler`, or `RedisHandler`, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been patched, please upgrade to version 4.2.11 or later. As a workaround, use only one session cookie."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-22T18:58:17.658Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-6cq5-8cj7-g558"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/f9fb6574fbeb5a4aa63f7ea87296523e10db9328"
}
],
"source": {
"advisory": "GHSA-6cq5-8cj7-g558",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter is vulnerable to improper authentication via Session Handlers"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-46170",
"datePublished": "2022-12-22T18:58:17.658Z",
"dateReserved": "2022-11-28T17:27:19.998Z",
"dateUpdated": "2025-04-15T14:33:06.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23556 (GCVE-0-2022-23556)
Vulnerability from cvelistv5 – Published: 2022-12-22 18:50 – Updated: 2025-04-15 14:37
VLAI
Title
CodeIgniter is vulnerable to IP address spoofing when using proxy
Summary
CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\App::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/codeigniter4/CodeIgniter4/secu… | x_refsource_CONFIRM |
| https://github.com/codeigniter4/CodeIgniter4/comm… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| codeigniter4 | CodeIgniter4 |
Affected:
< 4.2.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23556",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T14:36:49.954898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:37:02.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CodeIgniter4",
"vendor": "codeigniter4",
"versions": [
{
"status": "affected",
"version": "\u003c 4.2.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\\App::$proxyIPs`. As a workaround, do not use `$request-\u003egetIPAddress()`.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-22T18:50:55.443Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc"
},
{
"name": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659"
}
],
"source": {
"advisory": "GHSA-ghw3-5qvm-3mqc",
"discovery": "UNKNOWN"
},
"title": "CodeIgniter is vulnerable to IP address spoofing when using proxy"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-23556",
"datePublished": "2022-12-22T18:50:55.443Z",
"dateReserved": "2022-01-19T21:23:53.803Z",
"dateUpdated": "2025-04-15T14:37:02.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}