An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.phpReferenceshttps://github.com/pagekit/pagekit/issues/977
