ci4-cms-erp/ci4ms

Modular CodeIgniter 4 CMS featuring RBAC admin, theming, blog/page management, elFinder media integration, and CLI tooling for rapid customization.

Latest 0.31.8.0

100%

Total Score

Dependencies

100

Maturity

100

Supply Chain

100

Are you affected? Scan for Free

Vulnerabilities

Title	Versions	Severity
CVE-2026-41203 ci4-cms-erp/ci4ms is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in versions 0.0.0 - 0.31.5.0.	0.0.0 - 0.31.5.0	Critical
CVE-2026-41202 ci4-cms-erp/ci4ms is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in versions 0.0.0 - 0.31.5.0.	0.0.0 - 0.31.5.0	Critical
CVE-2026-41201 ci4-cms-erp/ci4ms is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 0.0.0 - 0.31.5.0.	0.0.0 - 0.31.5.0	Medium
CVE-2026-39394 ci4-cms-erp/ci4ms is vulnerable to Improper Neutralization of CRLF Sequences ('CRLF Injection') in versions 0.0.0 - 0.31.3.0.	0.0.0 - 0.31.3.0	High
CVE-2026-39393 ci4-cms-erp/ci4ms is vulnerable to Missing Authentication for Critical Function in versions 0.0.0 - 0.31.3.0.	0.0.0 - 0.31.3.0	High

No maintainer information available.

Dependency	Last Release	Score
gregwar/captcha Version 1.3.0	—	—
studio-42/elfinder Version 2.1.67	—	—
codeigniter4/shield Version 1.3.0	—	—
ezyang/htmlpurifier Version 4.19	—	—
claviska/simpleimage Version 4.4.0	—	—