Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pagekit pagekit vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-41005
An issue in Pagekit pagekit v.1.0.18 alows a remote malicious user to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php
Pagekit Pagekit 1.0.18
9.8
CVSSv3
CVE-2022-38916
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an malicious user to upload malicious files
Pagekit Pagekit 1.0.18
6.1
CVSSv3
CVE-2022-36573
A cross-site scripting (XSS) vulnerability in Pagekit CMS v1.0.18 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Markdown text box under /blog/post/edit.
Pagekit Pagekit 1.0.18
9.8
CVSSv3
CVE-2021-44135
pagekit all versions, as of 15-10-2021, is vulnerable to SQL Injection via Comment listing.
Pagekit Pagekit
5.4
CVSSv3
CVE-2021-32245
In PageKit v1.0.18, a user can upload SVG files in the file upload portion of the CMS. These SVG files can contain malicious scripts. This file will be uploaded to the system and it will not be stripped or filtered. The user can create a link on the website pointing to "/sto...
Pagekit Pagekit 1.0.18
8.8
CVSSv3
CVE-2019-19013
A CSRF vulnerability in Pagekit 1.0.17 allows an malicious user to upload an arbitrary file by removing the CSRF token from a request.
Pagekit Pagekit 1.0.17
5.3
CVSSv3
CVE-2019-16669
The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for malicious users to enumerate accounts.
Pagekit Pagekit 1.0.17
5.4
CVSSv3
CVE-2018-18087
The Bixie Portfolio plugin 1.2.0 for Pagekit has XSS: a logged-in user who has the "Manage portfolio" privilege can inject arbitrary web script or HTML via the Image URL field in the portfolio editor. The vulnerability is triggered by visiting /portfolio/${project_title...
Bixie Portfolio 1.2.0
6.1
CVSSv3
CVE-2018-14381
Pagekit prior to 1.0.14 has a /user/login?redirect= open redirect vulnerability.
Pagekit Pagekit
4.8
CVSSv3
CVE-2018-11564
Stored XSS in YOOtheme Pagekit 1.0.13 and previous versions allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stri...
Pagekit Pagekit
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »