Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-67164
CVE-2025-67164
An authenticated arbitrary file upload vulnerability in the /storage/poc.php component of Pagekit CMS v1.0.18 allows attackers to execute arbitrary code via uploading a crafted PHP file.
Published Dec 19, 2025
https://github.com/advisories/GHSA-m4f2-xpfq-h97v
CVSS Score
Critical
9.9
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
composer
pagekit/pagekit
0.10.0
composer
pagekit/pagekit
0.10.1
composer
pagekit/pagekit
0.10.2
composer
pagekit/pagekit
0.10.3
composer
pagekit/pagekit
0.10.4
composer
pagekit/pagekit
0.11.0
composer
pagekit/pagekit
0.11.1
composer
pagekit/pagekit
0.11.2
composer
pagekit/pagekit
0.11.3
composer
pagekit/pagekit
0.8.8
composer
pagekit/pagekit
0.9.0
composer
pagekit/pagekit
0.9.1
composer
pagekit/pagekit
0.9.2
composer
pagekit/pagekit
0.9.3
composer
pagekit/pagekit
0.9.4
composer
pagekit/pagekit
0.9.5
composer
pagekit/pagekit
1.0.0
composer
pagekit/pagekit
1.0.10
composer
pagekit/pagekit
1.0.11
composer
pagekit/pagekit
1.0.12
composer
pagekit/pagekit
1.0.13
composer
pagekit/pagekit
1.0.14
composer
pagekit/pagekit
1.0.15
composer
pagekit/pagekit
1.0.16
composer
pagekit/pagekit
1.0.17
composer
pagekit/pagekit
1.0.18
composer
pagekit/pagekit
1.0.1
composer
pagekit/pagekit
1.0.2
composer
pagekit/pagekit
1.0.3
composer
pagekit/pagekit
1.0.4
composer
pagekit/pagekit
1.0.5
composer
pagekit/pagekit
1.0.6
composer
pagekit/pagekit
1.0.7
composer
pagekit/pagekit
1.0.8
composer
pagekit/pagekit
1.0.9
1-35 of 35
CVE-2025-67164 | Components Impacted | Sonatype Guide | Sonatype Guide
