Remote Code Execution Vulnerability in Pagekit CMS by Pagekit
CVE-2026-6652
5.1MEDIUM
What is CVE-2026-6652?
A vulnerability has been detected in Pagekit CMS versions up to 1.0.18, specifically within the PhpEngine.php file's evaluate function. This issue stems from inadequate neutralization of directives in dynamically executed code, potentially enabling remote exploitation of the system. The exploit details have been disclosed publicly, posing serious risks if not addressed. Despite earlier notifications regarding this vulnerability, the vendor has not responded to inquiries. Users of affected versions should implement immediate security measures to mitigate risks.
Affected Version(s)
CMS 1.0.0
CMS 1.0.1
CMS 1.0.2