Advisories for Composer/Codeigniter/Framework package

The xss_clean() method in the Security Library of CodeIgniter/Framework, specifically in versions before 3.0.3, exhibited a vulnerability that allowed certain Cross-Site Scripting (XSS) vectors to bypass its intended protection mechanisms. The xss_clean() method is designed to sanitize input data by removing potentially malicious content, thus preventing XSS attacks. However, in versions prior to 3.0.3, it was discovered that the method did not adequately mitigate specific XSS vectors, leaving a potential …

CodeIgniter 3.1.0 addressed a critical security issue within the ODBC database driver. This update includes crucial fixes to mitigate a SQL injection vulnerability, preventing potential exploitation by attackers. It is noteworthy that these fixes render the query builder and escape() functions incompatible with the ODBC driver. However, the update introduces actual query binding as a more secure alternative.

CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace ini_set('display_errors', '0') with ini_set('display_errors', 'Off') in app/Config/Boot/production.php.

SQL Injection vulnerability in file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function list_items.

CodeIgniter is a PHP full-stack web framework. This vulnerability allows attackers to execute arbitrary code when you use Validation Placeholders. The vulnerability exists in the Validation library, and validation methods in the controller and in-model validation are also vulnerable because they use the Validation library internally. This issue is patched in version 4.3.5.

CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure Config\App::$proxyIPs. As a workaround, do not use $request->getIPAddress().

CodeIgniter is a PHP full-stack web framework. When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to DatabaseHandler, MemcachedHandler, or RedisHandler, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages). This issue has been …

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_in() function.

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where() function.

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_having() function.

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_not_in() function.

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php.

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where() function.

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php having() function.

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() function.

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_like() function.

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php like() function.

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_in() function.

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() function.

Shield is an authentication and authorization framework for CodeIgniter 4. This vulnerability may allow SameSite Attackers to bypass the CodeIgniter4 CSRF protection mechanism with CodeIgniter Shield. For this attack to succeed, the attacker must have direct (or indirect, e.g., XSS) control over a subdomain site (e.g., https://a.example.com/) of the target site (e.g., http://example.com/). Upgrade to CodeIgniter v4.2.3 or later and Shield v1.0.0-beta.2 or later. As a workaround: set Config\Security::$csrfProtection to …

CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators to compare cryptographic hashes.

A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled.

There's a critical SQL injection bug in the ODBC database driver.

There's an XSS attack vector in Security Library method xss_clean().

XSS attack vector in Security Library method xss_clean().

Critical SQL injection bug in the ODBC database driver.