CVE-2015-5725

Published February 21st, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable.

bcit-ci/CodeIgniter

Open Source PHP Framework (originally from EllisLab)

GitHub

18.2K