Vulnerabilities > Pagekit > Pagekit > 0.10.3

DATE CVE VULNERABILITY TITLE RISK
2022-04-01 CVE-2021-44135 SQL Injection vulnerability in Pagekit
pagekit all versions, as of 15-10-2021, is vulnerable to SQL Injection via Comment listing.
network
low complexity
pagekit CWE-89
critical
 9.8
9.8
2018-07-18 CVE-2018-14381 Open Redirect vulnerability in Pagekit
Pagekit before 1.0.14 has a /user/login?redirect= open redirect vulnerability.
network
low complexity
pagekit CWE-601
6.1
6.1
2018-06-02 CVE-2018-11564 Cross-site Scripting vulnerability in Pagekit
Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature.
network
low complexity
pagekit CWE-79
4.8
4.8
2017-01-25 CVE-2017-5594 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Pagekit
An issue was discovered in Pagekit CMS before 1.0.11.
network
high complexity
pagekit CWE-640
7.5
7.5