Lucene search
+L

198 matches found

NVD
NVD
added 2023/08/28 10:15 p.m.27 views

CVE-2023-41005

An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php...

7.8CVSS7.9AI score0.005EPSS
Exploits1References1
Prion
Prion
added 2023/08/28 10:15 p.m.16 views

Code injection

An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php...

4.4CVSS7.9AI score0.005EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/08/28 12:0 a.m.6 views

Pagekit 安全漏洞

Pagekit is a modular, lightweight CMS Content Management System. A security vulnerability exists in Pagekit version v.1.0.18, which originated from allowing remote attackers to execute arbitrary code via the downloadAction and updateAction functions in UpdateController.php...

7.8CVSS7.9AI score0.005EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/08/28 12:0 a.m.9 views

PT-2023-27739 · Pagekit · Pagekit

Name of the Vulnerable Software and Affected Versions: Pagekit version 1.0.18 Description: An issue in Pagekit allows a remote attacker to execute arbitrary code via the downloadAction and updateAction functions in UpdateController.php. Recommendations: For Pagekit version 1.0.18, consider...

7.8CVSS8.1AI score0.005EPSS
Exploits1References11
CVE
CVE
added 2023/08/28 12:0 a.m.120 views

CVE-2023-41005

Pagekit 1.0.18 is affected by CVE-2023-41005. The vulnerability exists in UpdateController.php via downloadAction and updateAction, enabling remote code execution. The root cause is that updateAction blindly executes code in the uploaded requirements.php file, allowing an attacker with admin cont...

7.8CVSS7.8AI score0.005EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/28 12:0 a.m.14 views

CVE-2023-41005

An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php...

7.8AI score0.005EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/08/28 12:0 a.m.37 views

CVE-2023-41005

An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php...

8.1AI score0.005EPSS
Exploits1References1
OSV
OSV
added 2023/08/28 12:0 a.m.12 views

CVE-2023-41005

An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php...

7.8CVSS8.1AI score0.005EPSS
Exploits1References3
Veracode
Veracode
added 2022/09/22 7:49 a.m.22 views

Arbitrary File Upload

pagekit/pagekit is vulnerable to arbitrary file upload. The vulnerability exists in the storage feature because it doesn't restrict the file types that can be uploaded which allows an attacker to upload malicious files and access the file directory of the system...

9.8CVSS9.1AI score0.17609EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2022/09/21 12:0 a.m.27 views

Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type

A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...

9.8CVSS8.9AI score0.17609EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/09/21 12:0 a.m.24 views

GHSA-4V5M-VWVP-P7W8 Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type

A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...

9.8CVSS9.4AI score0.17609EPSS
Exploits1References3
NVD
NVD
added 2022/09/20 5:15 p.m.17 views

CVE-2022-38916

A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...

9.8CVSS0.17609EPSS
Exploits1References1
Prion
Prion
added 2022/09/20 5:15 p.m.19 views

Unrestricted file upload

A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...

7.5CVSS9.3AI score0.17609EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/20 4:9 p.m.3 views

CVE-2022-38916

A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...

6.7AI score0.17609EPSS
Exploits1References1
CVE
CVE
added 2022/09/20 4:9 p.m.72 views

CVE-2022-38916

CVE-2022-38916 is a confirmed file upload vulnerability in Pagekit 1.0.18’s storage feature. The issue enables uploading malicious files due to insufficient validation/type restrictions, as described in multiple sources (including Red Hat and Veracode entries). The CVSS 3.1 vector (AV:N/AC:L/PR:N...

9.8CVSS9.3AI score0.17609EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/09/20 4:9 p.m.24 views

CVE-2022-38916

A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...

9.6AI score0.17609EPSS
Exploits1References1
OSV
OSV
added 2022/09/20 4:9 p.m.13 views

CVE-2022-38916

A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...

9.8CVSS9.4AI score0.17609EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/09/20 12:0 a.m.6 views

Pagekit 代码问题漏洞

Pagekit is a modular, lightweight CMS Content Management System. A security vulnerability exists in Pagekit version 1.0.18, which can be exploited by attackers to upload malicious files...

9.8CVSS8.3AI score0.17609EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/09/20 12:0 a.m.4 views

PT-2022-24616 · Pagekit · Pagekit

Name of the Vulnerable Software and Affected Versions: pagekit version 1.0.18 Description: A file upload issue exists in the storage feature, allowing an attacker to upload malicious files. Recommendations: For pagekit version 1.0.18, update to a newer version that contains a fix for this issue...

9.8CVSS9.4AI score0.17609EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2022/08/29 8:6 p.m.44 views

Pagekit CMS cross-site scripting in Markdown text box where articles are edited

A cross-site scripting XSS vulnerability in Pagekit CMS v1.0.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Markdown text box under /blog/post/edit...

6.1CVSS5.6AI score0.00496EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder