CVE-2025-67164

Published December 17th, 2025

View on NVD ↗

CVSS v3

9.9

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

An authenticated arbitrary file upload vulnerability in the /storage/poc.php component of Pagekit CMS v1.0.18 allows attackers to execute arbitrary code via uploading a crafted PHP file.

mbiesiad/vulnerability-research

This repository contains information about the public CVEs I found.

GitHub