CVE-2026-41203
CriticalSummary
CI4MS is a CodeIgniter 4-based CMS skeleton that prior to version 0.31.5.0 had a vulnerability in the Theme::upload function. It allows an authenticated backend user with theme creation permissions to upload ZIP files without validating entry names, leading to remote code execution.
Risk Assessment
This vulnerability poses a serious risk to organizations as it allows writing files to arbitrary filesystem locations, potentially leading to remote code execution and server takeover.
Recommendation
It is recommended to upgrade to version 0.31.5.0 or later to mitigate this vulnerability and implement additional security measures to protect against similar attacks.
Original NVD description (English source)
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.5.0, ci4ms Theme::upload extracts user uploaded ZIP archives without validating entry names, allowing an authenticated backend user with the theme create permission to write files to arbitrary filesystem locations (Zip Slip) and achieve remote code execution by dropping a PHP file under the public web root. This issue has been patched in version 0.31.5.0.

