PT-2025-51846 · Unknown · Pagekit Cms

Mbiesiad · Published 2025-12-17 · Updated 2026-01-02 · CVE-2025-67165

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Pagekit CMS version 1.0.18

Description: An Insecure Direct Object Reference (IDOR) exists in Pagekit CMS version 1.0.18, potentially allowing attackers to escalate privileges. An IDOR occurs when an application uses user-supplied input to directly access objects, leading to unauthorized access. In this instance, an attacker could potentially manipulate object references to gain elevated privileges within the system. The API endpoint is not specified. The vulnerable parameter is not specified. The vulnerable function is not specified.

Recommendations: Update Pagekit CMS to a version that addresses this issue. As a temporary workaround, implement stricter access controls and validation of object references to prevent unauthorized access.

Exploit

Fix

IDOR

Weakness Enumeration

Related Identifiers

CVE-2025-67165
GHSA-W3J8-9P3J-3WJX

Affected Products

Pagekit Cms