anonhaven
Ad

CVE-2026-25510

CRITICAL CVSS 3.1: 9.9 EPSS 0.38%
Updated Feb 04, 2026
PHP
Parameter Value
CVSS 9.9 (CRITICAL)
Fixed In 0.28.5.0
Type CWE-434 (Unrestricted File Upload), CWE-94 (Code Injection)
Vendor PHP
Public PoC No

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote Code Execution (RCE) by leveraging the file creation and save endpoints, an attacker can upload and execute arbitrary PHP code on the server. This issue has been patched in version 0.28.5.0.

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-434 Unrestricted File Upload
CWE-94 Code Injection

References 2

https://github.com/ci4-cms-erp/ci4ms/commit/86be2930d1c54eb7575102563302b2f3baf…
security-advisories@github.com
https://github.com/ci4-cms-erp/ci4ms/security/advisories/GHSA-gp56-f67f-m4px
security-advisories@github.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-31891

PHP

7.7

CVE-2026-4356

PHP

4.8

CVE-2026-4355

PHP

5.1

CVE-2026-27895

PHP

4.3

CVE-2026-27894

PHP

8.8