9 matches found
CVE-2022-38916
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
CVE-2024-45967
Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...
CVE-2024-45967
Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...
CVE-2024-45967
Pagekit 1.0.18 is vulnerable to Cross Site Scripting (XSS) in the endpoint index.php/admin/site/widget. The Red Hat, Veracode, SNYK, and PT Security entries confirm XSS due to improper handling in this widget management path; there is no publicly published fixed version in the sources provided. T...
CVE-2022-38916
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
CVE-2022-38916
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
Unrestricted file upload
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
CVE-2022-38916
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files...
CVE-2022-38916
CVE-2022-38916 is a confirmed file upload vulnerability in Pagekit 1.0.18’s storage feature. The issue enables uploading malicious files due to insufficient validation/type restrictions, as described in multiple sources (including Red Hat and Veracode entries). The CVSS 3.1 vector (AV:N/AC:L/PR:N...