CVE-2025-67164
Pagekit CMS v1.0.18 is affected by an authenticated arbitrary file upload vulnerability in the /storage/poc.php component. Uploading a crafted PHP file allows attackers to execute arbitrary code on the server. The root cause is an insecure file upload vector within the storage component, enabling...