Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2019-8979 | Critical | Feb 21, 2019 | Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled. |
3.2.3, 3.3.2, v3.3.6, v3.3.5, v3.3.3.1, v3.3.4, v3.3.3, v3.2.3.1, v3.3.1.1, v3.2.2.1
|
|
CVE-2016-10510 | Medium | Aug 31, 2017 | Cross-site scripting (XSS) vulnerability in the Security component of Kohana before 3.3.6 allows remote attackers to inject arbitrary web script or HTM more... |
3.3.2, 3.2.3, v3.3.5, v3.3.3, v3.3.3.1, v3.3.4, v3.2.3.1, v3.3.1.1, v3.2.2.1, v3.3.1
|
|
CVE-2014-8684 | Critical | Sep 19, 2017 | CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequent more... |
3.3.2, 3.2.3, v3.2.3.1, v3.3.1, v3.3.0, v3.2.2, v3.2.1, v3.1.5, v3.2.0, v3.1.4
|