Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Development CodeIgniter 3.x CVE-2022-40834 SQL Injection Vulnerability
CVE-2022-40834 SQL Injection Vulnerability
  • Offline kenjis
    Administrator
  • *******
  • Posts: 3,365
    Threads: 91
    Joined: Oct 2014
    Reputation: 209
#2
04-25-2024, 03:44 AM
(This post was last modified: 04-25-2024, 04:22 AM by kenjis.)

(04-25-2024, 02:47 AM)reactionstudio Wrote: Is CI3 still receiving security updates or are all these CVE's still exploitable?

I don't know. But it is not well-maintained.

If you think the SQL injection attack vectors in web.archive.org are vulnerabilities in the framework,
I believe they are still exploitable.
FYI, the maintainer did not think these were vulnerabilities in the framework, but vulnerabilities in the application code, if I recall correctly.
ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper
Reply


Messages In This Thread
RE: CVE-2022-40834 SQL Injection Vulnerability - by kenjis - 04-25-2024, 03:44 AM



Theme © iAndrew 2016 - Forum software by © MyBB