CVE-2022-40832: SQL Injection
First published: Fri Oct 07 2022(Updated: )
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php having() function.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Codeigniter Codeigniter | >=3.0<=3.1.13 | |
| Codeigniter Codeigniter | =3.0 | |
| Codeigniter Codeigniter | =3.0-rc | |
| Codeigniter Codeigniter | =3.0-rc2 | |
| Codeigniter Codeigniter | =3.0-rc3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this CodeIgniter vulnerability?
The vulnerability ID for this CodeIgniter vulnerability is CVE-2022-40832.
What is the severity of CVE-2022-40832?
The severity of CVE-2022-40832 is critical.
How does CVE-2022-40832 affect the B.C. Institute of Technology CodeIgniter?
CVE-2022-40832 makes the B.C. Institute of Technology CodeIgniter <=3.1.13 vulnerable to SQL Injection.
What is the affected version of CodeIgniter for CVE-2022-40832?
The affected version of CodeIgniter for CVE-2022-40832 is <=3.1.13.
How can I fix the vulnerability CVE-2022-40832?
To fix the vulnerability CVE-2022-40832, upgrade CodeIgniter to a version higher than 3.1.13.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/author
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/codeigniter
- canonical/codeigniter codeigniter
- version/codeigniter codeigniter/3.0
- version/codeigniter codeigniter/3.1.13
- version/codeigniter codeigniter/3.0-rc
- version/codeigniter codeigniter/3.0-rc2
- version/codeigniter codeigniter/3.0-rc3