Ci4-cms-erp

Ci4ms

33 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2026-39390

  • EPSS 0.24%
  • Veröffentlicht 08.04.2026 14:29:28
  • Zuletzt bearbeitet 21.04.2026 17:34:44

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, the Google Maps iframe setting (cMap field) in compInfosPost() sanitizes input using stri...

7.2

CVE-2026-39389

Exploit
  • EPSS 0.47%
  • Veröffentlicht 08.04.2026 14:28:29
  • Zuletzt bearbeitet 16.04.2026 00:19:58

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, This vulnerability is fixed in 0.31.4.0.

9

CVE-2026-35035

Exploit
  • EPSS 0.46%
  • Veröffentlicht 06.04.2026 16:49:10
  • Zuletzt bearbeitet 22.04.2026 18:52:23

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.2.0, the application fails to properly sanitize user-controlled input within System Settings –...

9

CVE-2026-34989

Exploit
  • EPSS 0.3%
  • Veröffentlicht 06.04.2026 16:25:54
  • Zuletzt bearbeitet 27.04.2026 23:41:16

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 31.0.0.0, the application fails to properly sanitize user-controlled input when users update their ...

8.8

CVE-2026-34572

Exploit
  • EPSS 0.5%
  • Veröffentlicht 01.04.2026 21:35:10
  • Zuletzt bearbeitet 06.04.2026 16:32:05

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to immediately revoke active user sessions when an account ...

9

CVE-2026-34571

Exploit
  • EPSS 0.39%
  • Veröffentlicht 01.04.2026 21:32:16
  • Zuletzt bearbeitet 06.04.2026 16:33:14

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, a Stored Cross-Site Scripting (Stored XSS) vulnerability exists in the backend us...

8.8

CVE-2026-34570

Exploit
  • EPSS 0.5%
  • Veröffentlicht 01.04.2026 21:30:31
  • Zuletzt bearbeitet 06.04.2026 18:16:41

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to immediately revoke active user sessions when an account ...

9

CVE-2026-34569

Exploit
  • EPSS 0.32%
  • Veröffentlicht 01.04.2026 21:29:33
  • Zuletzt bearbeitet 06.04.2026 16:35:35

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or...

9

CVE-2026-34568

Exploit
  • EPSS 0.32%
  • Veröffentlicht 01.04.2026 21:28:55
  • Zuletzt bearbeitet 06.04.2026 16:49:31

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or...

9

CVE-2026-34567

Exploit
  • EPSS 0.27%
  • Veröffentlicht 01.04.2026 21:28:23
  • Zuletzt bearbeitet 06.04.2026 16:41:42

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or...