CVE-2026-6983 - Vulnerability Details

- pagekit download server-side request forgery

Description

A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the argument url leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published: 2026-04-25

Score: 5.1 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A flaw exists in PageKit versions up to 1.0.18 where the url argument supplied to /index.php/admin/system/update/download can be manipulated to trigger arbitrary server‑side HTTP requests. The weakness, classified as CWE‑918, allows an attacker to force the vulnerable host to fetch data from any target address, including internal network resources, potentially exposing sensitive information or enabling further exploitation. The vulnerability is exploitable remotely and public code for the exploit is available, indicating that an adversary could use it without additional discovery steps.

Affected Systems

The affected product is PageKit. Versions 1.0.18 and earlier are vulnerable; newer releases are not affected. The vendor is PageKit.

Risk and Exploitability

The CVSS score of 5.1 rates this as medium risk. The EPSS score of less than 1% indicates a low probability of widespread exploitation detected in the wild. The vulnerability is not listed in CISA's KEV catalog. The likely attack vector is remote, through HTTP requests directed to the vulnerable download endpoint.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

pagekit

affected

Version	Status	Constraints
`1.0.0`	affected	—
`1.0.1`	affected	—
`1.0.2`	affected	—
`1.0.3`	affected	—
`1.0.4`	affected	—
`1.0.5`	affected	—
`1.0.6`	affected	—
`1.0.7`	affected	—
`1.0.8`	affected	—
`1.0.9`	affected	—
`1.0.10`	affected	—
`1.0.11`	affected	—
`1.0.12`	affected	—
`1.0.13`	affected	—
`1.0.14`	affected	—
`1.0.15`	affected	—
`1.0.16`	affected	—
`1.0.17`	affected	—
`1.0.18`	affected	—

No data.

Vendor Product Confidence Versions

Pagekit

95%

Version	Status	Scheme	Platform
`1.0.0`	affected	semver	—
`1.0.1`	affected	semver	—
`1.0.2`	affected	semver	—
`1.0.3`	affected	semver	—
`1.0.4`	affected	semver	—
`1.0.5`	affected	semver	—
`1.0.6`	affected	semver	—
`1.0.7`	affected	semver	—
`1.0.8`	affected	semver	—
`1.0.9`	affected	semver	—
`1.0.10`	affected	semver	—
`1.0.11`	affected	semver	—
`1.0.12`	affected	semver	—
`1.0.13`	affected	semver	—
`1.0.14`	affected	semver	—
`1.0.15`	affected	semver	—
`1.0.16`	affected	semver	—
`1.0.17`	affected	semver	—
`1.0.18`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade to a non‑vulnerable PageKit release (1.0.19 or later) once it becomes available.
If upgrading is not immediately possible, restrict or disable the /index.php/admin/system/update/download endpoint for unauthenticated or external users.
Apply network‑level controls such as a firewall or proxy to block or inspect outbound requests originating from the web server to prevent unintended access to internal or external resources.

Generated by OpenCVE AI on April 28, 2026 at 05:34 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Multiple

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00043.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://vuldb.com/submit/796163
https://vuldb.com/vuln/359526
https://vuldb.com/vuln/359526/cti
https://www.yuque.com/fortune-toq55/giqwnb/ek05kkfeg1gg8v6t

History

Mon, 27 Apr 2026 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Sat, 25 Apr 2026 15:30:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the argument url leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title		pagekit download server-side request forgery
First Time appeared		Pagekit Pagekit pagekit
Weaknesses		CWE-918
CPEs		cpe:2.3:a:pagekit:pagekit::::::::
Vendors & Products		Pagekit Pagekit pagekit
References		https://vuldb.com/submit/796163 https://vuldb.com/vuln/359526 https://vuldb.com/vuln/359526/cti https://www.yuque.com/fortune-toq55/giqwnb/ek05kkfeg1gg8v6t
Metrics		cvssV2_0 `{'score': 5.8, 'vector': 'AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 4.7, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 4.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Pagekit Pagekit

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-04-25T15:15:17.497Z

Updated: 2026-04-27T13:42:31.371Z

Reserved: 2026-04-24T19:05:35.696Z

Link: CVE-2026-6983

Vulnrichment

Updated: 2026-04-27T13:42:24.168Z

NVD

Status : Deferred

Published: 2026-04-25T16:16:16.570

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-6983

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T05:45:23Z

Weaknesses

CWE-918

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Multiple

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object