CVE-2022-38916
published 2022-09-20CVE-2022-38916: A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files
PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
16.34%
96.6th percentile
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pagekit | pagekit | — | — |
| pagekit | pagekit | 0 – 1.0.18 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type
ghsa·2022-09-21
CVE-2022-38916 [CRITICAL] CWE-434 Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type
Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files
OSV
Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type
osv·2022-09-21
CVE-2022-38916 [CRITICAL] Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type
Pagekit vulnerable to Unrestricted Upload of File with Dangerous Type
A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-09-20
Published