CVE-2026-41202

CRITICAL SEVERITY

Vulnerability Description

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.5.0, ci4ms Backup::restore extracts user uploaded ZIP archives without validating entry names, allowing an authenticated backend user with the backup create permission to write files to arbitrary filesystem locations (Zip Slip) and achieve remote code execution by dropping a PHP file under the public web root. This issue has been patched in version 0.31.5.0.

Vulnerability Details

Published Date

April 22, 2026

Last Modified

May 07, 2026

CWE ID

CWE-22

Source

GitHub

Vendor

composer

Product

ci4-cms-erp/ci4ms

External References

https://github.com/ci4-cms-erp/ci4ms/security/advisories/GHSA-xp9f-pvvc-57p4
https://github.com/ci4-cms-erp/ci4ms/releases/tag/0.31.5.0
https://github.com/advisories/GHSA-xp9f-pvvc-57p4

CVE-2026-41202

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment