Iqingshan

**Name of the Vulnerable Software and Affected Versions** Pagekit version 1.0.18 **Description** An issue in Pagekit allows a remote attacker to execute arbitrary code via the `downloadAction` and `updateAction` functions in `UpdateController.php`. **Recommendations** For Pagekit version 1.0.18, consider disabling the `downloadAction` and `updateAction` functions in `UpdateController.php` as a temporary workaround until a patch is available. Restrict access to the `UpdateController.php` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.