← back
CVE-2015-5725

CVE-2015-5725

EPSS 2.4%
SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://forum.codeigniter.com/thread-62743.htmlhttps://github.com/bcit-ci/CodeIgniter/commit/0dde92def6b9f276f05ff77abb07ead318f9ec23https://github.com/bcit-ci/CodeIgniter/issues/4020https://www.codeigniter.com/userguide2/changelog.html