{"id":"BIT-codeigniter-2022-40824","details":"B.C. Institute of Technology CodeIgniter \u003c=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_where() function.","aliases":["CVE-2022-40824"],"modified":"2024-02-19T10:36:29.170Z","published":"2024-01-31T15:14:15.598Z","database_specific":{"severity":"Critical","cpes":["cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*","cpe:2.3:a:codeigniter:codeigniter:3.0:-:*:*:*:*:*:*","cpe:2.3:a:codeigniter:codeigniter:3.0:rc2:*:*:*:*:*:*","cpe:2.3:a:codeigniter:codeigniter:3.0:rc3:*:*:*:*:*:*","cpe:2.3:a:codeigniter:codeigniter:3.0:rc:*:*:*:*:*:*"]},"references":[{"type":"WEB","url":"https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md"}],"affected":[{"package":{"name":"codeigniter","ecosystem":"Bitnami","purl":"pkg:bitnami/codeigniter"},"ranges":[{"type":"SEMVER","events":[{"introduced":"3.0.0"},{"fixed":"3.1.13"}]},{"type":"SEMVER","events":[{"introduced":"3.0.0"},{"last_affected":"3.0.0"}]},{"type":"SEMVER","events":[{"introduced":"3.0-rc.0"},{"last_affected":"3.0-rc.0"},{"introduced":"3.0-rc2.0"},{"last_affected":"3.0-rc2.0"},{"introduced":"3.0-rc3.0"},{"last_affected":"3.0-rc3.0"}]}],"database_specific":{"source":"https://github.com/bitnami/vulndb/tree/main/data/codeigniter/BIT-codeigniter-2022-40824.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}],"schema_version":"1.7.3"}