CVE-2022-40826

State: PUBLISHED · Published: 2022-10-07 · Updated: 2024-08-03 · Assigner: mitre

Description

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_having() function. Note: Multiple third parties have disputed this as not a valid vulnerability.

CWE

CWE-89 — CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Affected

n/a / n/a — v=n/a [affected]

CVSS

(none)

References

https://github.com/726232111/CodeIgniter3.1.13-SQL-Inject/blob/main/README.md
https://github.com/bcit-ci/CodeIgniter/issues/6161

Source

cvelistV5-main/cves/2022/40xxx/CVE-2022-40826.json