4 matches found
CVE-2026-35035
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.2.0, the application fails to properly sanitize user-controlled input within System Settings – Company Information. Several administrative...
EUVD-2026-19374
CI4MS: Company Information Public-Facing Page Full Platform Compromise & Full Account Takeover for All Roles & Privilege-Escalation via System Settings Company Information Stored DOM XSS...
CVE-2026-35035
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.2.0, the application fails to properly sanitize user-controlled input within System Settings – Company Information. Several administrative...
PT-2026-30680
Name of the Vulnerable Software and Affected Versions CI4MS versions prior to 0.31.2.0 Description CI4MS, a CodeIgniter 4-based CMS skeleton, is susceptible to a stored Cross-Site Scripting XSS issue. The application does not properly sanitize user-controlled input within the System Settings –...