First published: Fri Oct 07 2022(Updated: )
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() function.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Codeigniter Codeigniter | >=3.0<=3.1.13 | |
Codeigniter Codeigniter | =3.0 | |
Codeigniter Codeigniter | =3.0-rc | |
Codeigniter Codeigniter | =3.0-rc2 | |
Codeigniter Codeigniter | =3.0-rc3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-40834 is a vulnerability in B.C. Institute of Technology CodeIgniter <=3.1.13 that allows SQL Injection via the system\database\DB_query_builder.php or_not_like() function.
CVE-2022-40834 has a severity rating of 9.8, which is classified as critical.
CVE-2022-40834 allows an attacker to perform SQL Injection in B.C. Institute of Technology CodeIgniter <=3.1.13, potentially compromising the security and integrity of the database.
B.C. Institute of Technology CodeIgniter versions <=3.1.13 are affected by CVE-2022-40834.
Upgrading B.C. Institute of Technology CodeIgniter to a version higher than 3.1.13 will fix the CVE-2022-40834 vulnerability.