CodeIgniter Forums
veracode scanning CI - Printable Version

+- CodeIgniter Forums (
+-- Forum: General (
+--- Forum: Lounge (
+--- Thread: veracode scanning CI (/thread-68134.html)

veracode scanning CI - ciadvantage - 05-30-2017

Presently my company signed up with this guy and scan to code project which I have developed based on CI 2.2.x
( I knew CI 3.1.4 is out a while but still migrating to it now as I have lot of changes to suit 3.1.4) and the vulnerables

[Image: severity-4.png]



and this is inĀ system/core/CodeIgniter.php

And the stated flaw is it is subject to remote file inclusion vulnerability!

I am kinda wonderouse if we have any defense for this and if someone knows please advise!

Many thanks

RE: veracode scanning CI - Narf - 05-30-2017

It's a false-positive.

RE: veracode scanning CI - ciadvantage - 05-31-2017

(05-30-2017, 02:53 PM)Narf Wrote: It's a false-positive.

thanks Narf