Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CI4MS has an .env CRLF Injection via Unvalidated `host` Parameter in Install Controller
Vulnerability Description
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, the Install::index() controller reads the host POST parameter without any validation and passes it directly into updateEnvSettings(), which writes it into the .env file via preg_replace(). Because newline characters in the value are not stripped, an attacker can inject arbitrary configuration directives into the .env file. The install routes have CSRF protection explicitly disabled, and the InstallFilter can be bypassed when cache('settings') is empty (cache expiry or fresh deployment). This vulnerability is fixed in 0.31.4.0.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对CRLF序列的转义处理不恰当(CRLF注入)
Vulnerability Title
CI4MS 安全漏洞
Vulnerability Description
CI4MS是Ci4MS开源的一个博客页面管理工具。 CI4MS 0.31.4.0之前版本存在安全漏洞,该漏洞源于安装控制器读取host参数时未经验证即写入.env文件,且未剥离换行符,可能导致攻击者注入任意配置指令。
CVSS Information
N/A
Vulnerability Type
N/A