CVE-2026-39393 — CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, m…
Severity: High · Kind: Vulnerability
We've ingested this item but haven't summarised it yet. Read the upstream advisory using the link below in the meantime — the AI summary will appear here once the next run completes.
From the source
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, the install route guard in ci4ms relies solely on a volatile cache check (cache('settings')) combined with .env file existence to block post-installation access to the setup wizard. When the database is temporarily unreachable during a cache miss (TTL expiry or admin-triggered cache clear), the guard fails open, allowing an unauthenticated attacker to overwrite the .env file with attacker-controlled database credentials, achieving full application takeover. This vulnerability is fixed in 0.31.4.0.
Vulnerability facts
- CVE
- CVE-2026-39393
- CVSS
- 8.1
Was this useful?
Plain-English summaries are AI-generated and reviewed for tone, not technical accuracy. For incident response, always rely on the original source linked above.