198 matches found
CVE-2023-41005
An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php...
Code injection
An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php...
Pagekit 安全漏洞
Pagekit is a modular, lightweight CMS Content Management System. A security vulnerability exists in Pagekit version v.1.0.18, which originated from allowing remote attackers to execute arbitrary code via the downloadAction and updateAction functions in UpdateController.php...
PT-2023-27739 · Pagekit · Pagekit
Name of the Vulnerable Software and Affected Versions: Pagekit version 1.0.18 Description: An issue in Pagekit allows a remote attacker to execute arbitrary code via the downloadAction and updateAction functions in UpdateController.php. Recommendations: For Pagekit version 1.0.18, consider...
CVE-2023-41005
Pagekit 1.0.18 is affected by CVE-2023-41005. The vulnerability exists in UpdateController.php via downloadAction and updateAction, enabling remote code execution. The root cause is that updateAction blindly executes code in the uploaded requirements.php file, allowing an attacker with admin cont...
CVE-2023-41005
An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php...
CVE-2023-41005
An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php...
CVE-2023-41005
An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php...
Arbitrary File Upload
pagekit/pagekit is vulnerable to arbitrary file upload. The vulnerability exists in the storage feature because it doesn't restrict the file types that can be uploaded which allows an attacker to upload malicious files and access the file directory of the system...
Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
GHSA-4V5M-VWVP-P7W8 Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
CVE-2022-38916
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
Unrestricted file upload
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
CVE-2022-38916
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
CVE-2022-38916
CVE-2022-38916 is a confirmed file upload vulnerability in Pagekit 1.0.18’s storage feature. The issue enables uploading malicious files due to insufficient validation/type restrictions, as described in multiple sources (including Red Hat and Veracode entries). The CVSS 3.1 vector (AV:N/AC:L/PR:N...
CVE-2022-38916
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
CVE-2022-38916
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
Pagekit 代码问题漏洞
Pagekit is a modular, lightweight CMS Content Management System. A security vulnerability exists in Pagekit version 1.0.18, which can be exploited by attackers to upload malicious files...
PT-2022-24616 · Pagekit · Pagekit
Name of the Vulnerable Software and Affected Versions: pagekit version 1.0.18 Description: A file upload issue exists in the storage feature, allowing an attacker to upload malicious files. Recommendations: For pagekit version 1.0.18, update to a newer version that contains a fix for this issue...
Pagekit CMS cross-site scripting in Markdown text box where articles are edited
A cross-site scripting XSS vulnerability in Pagekit CMS v1.0.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Markdown text box under /blog/post/edit...