Releases: 40
Frequency: 3 months 1 week
Last Release
Stars: 18.2K
Open Source PHP Framework (originally from EllisLab)

CVE History

CVE | Published | CVSS v3 | CVSS v2
4.3 MEDIUM

The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag.

7.5 HIGH

SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable.

7.5 HIGH

system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email->from field to insert sendmail command-line arguments.