CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5725
https://notcve.org/view.php?id=CVE-2015-5725
SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable. Vulnerabilidad de inyección SQL en el método offset en la clase Active Record en CodeIgniter, en versiones anteriores a la 2.2.4, permite que atacantes remotos ejecuten comandos SQL arbitrarios mediante vectores relacionados con la variable offset. • https://forum.codeigniter.com/thread-62743.html https://github.com/bcit-ci/CodeIgniter/commit/0dde92def6b9f276f05ff77abb07ead318f9ec23 https://github.com/bcit-ci/CodeIgniter/issues/4020 https://www.codeigniter.com/userguide2/changelog.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2013-4891
https://notcve.org/view.php?id=CVE-2013-4891
The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag. La función xss_clean en CodeIgniter, en versiones anteriores a la 2.1.4, podría permitir que atacantes remotos omitan un mecanismo de protección planeado y lleven a cabo ataques de Cross-Site Scripting (XSS) mediante unaetiqueta HTML no cerrada. • https://github.com/bcit-ci/CodeIgniter/issues/4020 https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass https://www.codeigniter.com/userguide2/changelog.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2016-10131
https://notcve.org/view.php?id=CVE-2016-10131
system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email->from field to insert sendmail command-line arguments. system/libraries/Email.php en CodeIgniter en versiones anteriores 3.1.3 permite a atacantes remotos ejecutar código arbitrario aprovechando el control sobre el campo email->from para insertar argumentos de linea de comando sendmail. • http://www.securityfocus.com/bid/96851 https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36 https://github.com/bcit-ci/CodeIgniter/issues/4963 https://github.com/bcit-ci/CodeIgniter/pull/4966 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2014-8684 – Seagate Business NAS - Remote Command Execution
https://notcve.org/view.php?id=CVE-2014-8684
CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators to compare cryptographic hashes. CodeIgniter antes de la versión 3.0 y Kohana 3.2.3 y anteriores y en versiones 3.3.x hasta la 3.3.2 facilita que los atacantes remotos suplanten cookies de sesión y lleven a cabo ataques de inyección de objetos PHP. Esto se realizaría por medio de operadores estándar de comparación de strings para comparar hashes criptográficos. • https://www.exploit-db.com/exploits/36264 http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html http://seclists.org/fulldisclosure/2014/May/54 https://github.com/kohana/core/pull/492 https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection http://www.seagate.com/au/en/support/external-hard-drives/network-storage/business-storage-2-bay-nas https://beyondbinary.io/advisory/seagate-nas-rce • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2014-8686 – Seagate Business NAS - Remote Command Execution
https://notcve.org/view.php?id=CVE-2014-8686
CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available. CodeIgniter en versiones anteriores a la 2.2.0 facilita que los atacantes descodifiquen cookies de sesión aprovechando un fallback a una combinación de cifrado personalizada basada en XOR cuando la extensión Mcrypt para PHP no está disponible. • https://www.exploit-db.com/exploits/36264 http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html https://beyondbinary.io/articles/seagate-nas-rce https://codeigniter.com/userguide2/changelog.html https://www.dionach.com/blog/codeigniter-session-decoding-vulnerability http://www.seagate.com/au/en/support/external-hard-drives/network-storage/business-storage-2-bay-nas https://beyondbinary.io/advisory/seagate-nas-rce • CWE-310: Cryptographic Issues •