Lucene search
Veracode Vulnerability DatabaseVERACODE:37500HistoryOct 11, 2022 - 12:07 p.m.
SQL Injection
2022-10-1112:07:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
codeigniter
sql injection
vulnerability
db_query_builder.php
malicious queries
0.002 Low
EPSS
Percentile
52.5%
CodeIgniter is vulnerable to sql injection. The vulnerability exists due to improper implementation of or_where_not_in function of DB_query_builder.php which allows an attacker to inject and execute malicious sql queries in the system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bcit-ci/codeigniter | le | 3.1.10 | |
| codeigniter/framework | le | 3.1.13 | |
| bcit-ci/codeigniter | le | 3.1.10 | |
| codeigniter/framework | le | 3.1.13 |
Related
vulnrichment
vulnrichment
CVE-2022-40828
2022-10-07 00:00:00
nvd
nvd
CVE-2022-40828
2022-10-07 11:15:11
osv
osv
BIT-codeigniter-2022-40828
2024-01-31 15:13:40
cvelist
cvelist
CVE-2022-40828
2022-10-07 00:00:00
prion
prion
Sql injection
2022-10-07 11:15:00
cve
cve
CVE-2022-40828
2022-10-07 11:15:11