Far-Horizons

**Name of the Vulnerable Software and Affected Versions** CI4MS versions prior to 0.28.5.0 **Description** CI4MS, a CodeIgniter 4-based CMS skeleton, contains a flaw in its authentication implementation that allows an unauthenticated attacker to determine if an email address is registered within the system. This is achieved by observing the application’s response during the password reset process. The affected system delivers a production-ready, modular architecture with RBAC authorization and theme support. **Recommendations** Update to version 0.28.5.0 or later.

**Name of the Vulnerable Software and Affected Versions** CI4MS versions prior to 0.28.5.0 **Description** CI4MS is a CodeIgniter 4-based CMS skeleton that provides a production-ready, modular architecture with RBAC authorization and theme support. An authenticated user with file editor permissions can achieve Remote Code Execution (RCE) by leveraging the file creation and save endpoints. An attacker can upload and execute arbitrary PHP code on the server. The vulnerability is triggered through the file editor, allowing for arbitrary file creation. The vulnerable endpoints are the file creation and save endpoints. The `file` parameter is involved in the file creation process. **Recommendations** Update CI4MS to version 0.28.5.0 or later.