CVE-2026-6652

🗓️ 20 Apr 2026 15:00:22Reported by VulDBType

CVE-2026-6652 Pagekit remote code execution via PhpEngine evaluate function due to improper directive.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2026-6652	20 Apr 202615:00	–	attackerkb
Circl	CVE-2026-6652	20 Apr 202616:05	–	circl
CNNVD	Pagekit 安全漏洞	20 Apr 202600:00	–	cnnvd
Cvelist	CVE-2026-6652 Pagekit CMS StringStorage Template PhpEngine.php evaluate eval injection	20 Apr 202615:00	–	cvelist
EUVD	EUVD-2026-23878	20 Apr 202618:31	–	euvd
NVD	CVE-2026-6652	20 Apr 202616:16	–	nvd
Positive Technologies	PT-2026-33782	20 Apr 202600:00	–	ptsecurity
Vulnrichment	CVE-2026-6652 Pagekit CMS StringStorage Template PhpEngine.php evaluate eval injection	20 Apr 202615:00	–	vulnrichment

Vulners

Node

pagekit cmsMatch1.0.0

pagekit cmsMatch1.0.1

pagekit cmsMatch1.0.2

pagekit cmsMatch1.0.3

pagekit cmsMatch1.0.4

pagekit cmsMatch1.0.5

pagekit cmsMatch1.0.6

pagekit cmsMatch1.0.7

pagekit cmsMatch1.0.8

pagekit cmsMatch1.0.9

pagekit cmsMatch1.0.10

pagekit cmsMatch1.0.11

pagekit cmsMatch1.0.12

pagekit cmsMatch1.0.13

pagekit cmsMatch1.0.14

pagekit cmsMatch1.0.15

pagekit cmsMatch1.0.16

pagekit cmsMatch1.0.17

pagekit cmsMatch1.0.18

[
  {
    "vendor": "Pagekit",
    "product": "CMS",
    "versions": [
      {
        "version": "1.0.0",
        "status": "affected"
      },
      {
        "version": "1.0.1",
        "status": "affected"
      },
      {
        "version": "1.0.2",
        "status": "affected"
      },
      {
        "version": "1.0.3",
        "status": "affected"
      },
      {
        "version": "1.0.4",
        "status": "affected"
      },
      {
        "version": "1.0.5",
        "status": "affected"
      },
      {
        "version": "1.0.6",
        "status": "affected"
      },
      {
        "version": "1.0.7",
        "status": "affected"
      },
      {
        "version": "1.0.8",
        "status": "affected"
      },
      {
        "version": "1.0.9",
        "status": "affected"
      },
      {
        "version": "1.0.10",
        "status": "affected"
      },
      {
        "version": "1.0.11",
        "status": "affected"
      },
      {
        "version": "1.0.12",
        "status": "affected"
      },
      {
        "version": "1.0.13",
        "status": "affected"
      },
      {
        "version": "1.0.14",
        "status": "affected"
      },
      {
        "version": "1.0.15",
        "status": "affected"
      },
      {
        "version": "1.0.16",
        "status": "affected"
      },
      {
        "version": "1.0.17",
        "status": "affected"
      },
      {
        "version": "1.0.18",
        "status": "affected"
      }
    ],
    "modules": [
      "StringStorage Template Handler"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/vuln/358286/cti
vuldb	www.vuldb.com/vuln/358286
medium	www.medium.com/@pkhuyar/the-danger-of-php-eval-a23410187ca2
vuldb	www.vuldb.com/submit/794186

29 Apr 2026 01:00Current

5.3Medium risk

Vulners AI Score5.3

CVSS 3.14.7

CVSS 45.1

CVSS 25.8

CVSS 34.7

EPSS0.00057

SSVC