2 matches found
CVE-2025-67165
An Insecure Direct Object Reference IDOR in Pagekit CMS v1.0.18 allows attackers to escalate privileges...
CVE-2025-67164
Pagekit CMS v1.0.18 is affected by an authenticated arbitrary file upload vulnerability in the /storage/poc.php component. Uploading a crafted PHP file allows attackers to execute arbitrary code on the server. The root cause is an insecure file upload vector within the storage component, enabling...