codeigniter security advisories

2 threat alerts tracking vulnerabilities and security advisories that affect codeigniter products.

Vulnios monitors codeigniter CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent codeigniter security news in one place, or click into an individual alert for full detail.

Critical Vulnerability: CVE-2016-10131 — codeigniter — codeigniter
system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email->from field to insert sendmail command-line arguments.
criticalCVE-2016-10131
Critical Vulnerability: CVE-2014-8686 — codeigniter — codeigniter
CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available.
criticalCVE-2014-8686

Track codeigniter exposure across your environment

Vulnios automatically cross-references your asset inventory against new codeigniter CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.

Start a free scan

codeigniter security advisories

Critical Vulnerability: CVE-2016-10131 — codeigniter — codeigniter

Critical Vulnerability: CVE-2014-8686 — codeigniter — codeigniter

Track codeigniter exposure across your environment