CRITICAL9.9CVE-2025-67164Pagekit CMS is vulnerable to OS Command Injection via Storage component from 0, <= 1.0.18
CRITICAL9.8CVE-2025-67165Pagekit CMS has an Insecure Direct Object Reference (IDOR) in its User Role component from 0, <= 1.0.18
CRITICAL9.8CVE-2022-38916Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type from 0, <= 1.0.18
CRITICAL9.8SQL injection in pagekit/pagekit
from 0, <= 1.0.18
HIGH8.8Pagekit File Upload vulnerability
from 0, <= 1.0.17
HIGH7.8Command injection in pagekit
from 0, <= 1.0.18
HIGH7.5Pagekit Weak Password Recovery Mechanism for Forgotten Password
from 0, < 1.0.11
MEDIUM6.1Pagekit Cross-site Scripting vulnerability
from 0, <= 1.0.18
MEDIUM6.1Pagekit CMS cross-site scripting in Markdown text box where articles are edited
from 0, <= 1.0.18
MEDIUM6.1Pagekit open redirect vulnerability
from 0, < 1.0.14
MEDIUM5.4Cross-site scripting in PageKit
from 0, <= 1.0.18
MEDIUM5.3Pagekit User enumeration
MEDIUM4.8Pagekit Stored Cross-site Scripting