Advisories for Composer/Ci4-Cms-Erp/Ci4ms package

2026

CI4MS Vulnerable to User Email Enumeration via Password Reset Flow

Summary The authentication implementation in CI4MS is vulnerable to email enumeration. An unauthenticated attacker can determine whether an email address is registered in the system by analyzing the application's response during the password reset process. Vulnerability Details The password reset flow returns different responses based on whether the provided email address exists in the database or not. If the email is registered, the system typically returns a success message (e.g., …

CI4MS Vulnerable to User Email Enumeration via Password Reset Flow

Summary The authentication implementation in CI4MS is vulnerable to email enumeration. An unauthenticated attacker can determine whether an email address is registered in the system by analyzing the application's response during the password reset process. Vulnerability Details The password reset flow returns different responses based on whether the provided email address exists in the database or not. If the email is registered, the system typically returns a success message (e.g., …

CI4MS Vulnerable to Remote Code Execution (RCE) via Arbitrary File Creation and Save in File Editor

Summary A critical vulnerability has been identified in CI4MS that allows an authenticated user with file editor permissions to achieve Remote Code Execution (RCE). By leveraging the file creation and save endpoints, an attacker can upload and execute arbitrary PHP code on the server. Vulnerability Details The vulnerability exists in the /backend/fileeditor/createFile and /backend/fileeditor/save API endpoints. Unrestricted File Creation: The createFile endpoint allows users to create files with any extension …

CI4MS Vulnerable to Remote Code Execution (RCE) via Arbitrary File Creation and Save in File Editor

Summary A critical vulnerability has been identified in CI4MS that allows an authenticated user with file editor permissions to achieve Remote Code Execution (RCE). By leveraging the file creation and save endpoints, an attacker can upload and execute arbitrary PHP code on the server. Vulnerability Details The vulnerability exists in the /backend/fileeditor/createFile and /backend/fileeditor/save API endpoints. Unrestricted File Creation: The createFile endpoint allows users to create files with any extension …