CVE-2018-11564

MEDIUM

Pagekit < 1.0.13 - Stored Cross-Site Scripting via SVG Upload

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2018-11564. PoCs published by DEEPIN2, GeunSam2.

AI-analyzed exploit summary This script generates an SVG file containing a malicious XSS payload for CVE-2018-11564, targeting Pagekit versions before 1.0.13. It embeds user-provided JavaScript code within an SVG file using an XML namespace exploit.

Description

Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user can create a link on the website pointing to "/storage/poc.svg" that will point to http://localhost/pagekit/storage/poc.svg. When a user comes along to click that link, it will trigger a XSS attack.

Exploits (2)

exploitdb WORKING POC
by DEEPIN2 · pythonwebappsphp
https://www.exploit-db.com/exploits/44837

This script generates an SVG file containing a malicious XSS payload for CVE-2018-11564, targeting Pagekit versions before 1.0.13. It embeds user-provided JavaScript code within an SVG file using an XML namespace exploit.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Pagekit < 1.0.13
No auth needed
Prerequisites: None
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 1 stars
by GeunSam2 · poc
https://github.com/GeunSam2/CVE-2018-11564

This PoC generates an SVG file with embedded malicious script code to exploit CVE-2018-11564, a vulnerability in Apache Batik. The exploit leverages improper input validation to execute arbitrary JavaScript code.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Apache Batik (versions before 1.10)
No auth needed
Prerequisites: Target system must process the malicious SVG file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44837/
Exploit, Third Party Advisory x_refsource_misc
http://ruffsecurity.blogspot.com/2018/05/my-first-cve-found.html
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/148001/PageKit-CMS-1.0.13-Cross-Site-Scripting.html

Scores

CVSS v3 4.8
EPSS 0.0095
EPSS Percentile 76.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (2)
pagekit/pagekit Packagist
pagekit/pagekit < 1.0.13
Published Jun 02, 2018
Tracked Since Feb 18, 2026