Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2022/05/24 4:56 p.m.20 views

Pagekit User enumeration

The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enumerate accounts...

5.3CVSS7AI score0.01106EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2019/11/22 4:15 p.m.11 views

CVE-2019-19013

A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an arbitrary file by removing the CSRF token from a request...

8.8CVSS6.9AI score
Exploits0References1
Prion
Prion
added 2019/11/22 4:15 p.m.10 views

Cross site request forgery (csrf)

A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an arbitrary file by removing the CSRF token from a request...

6.8CVSS8.6AI score0.00764EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2019/11/22 3:55 p.m.18 views

CVE-2019-19013

A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an arbitrary file by removing the CSRF token from a request...

8.7AI score0.00764EPSS
Exploits2References1
OSV
OSV
added 2019/09/21 7:15 p.m.20 views

CVE-2019-16669

The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enumerate accounts...

5.3CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2019/09/21 7:15 p.m.14 views

Design/Logic Flaw

The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enumerate accounts...

5CVSS5.3AI score0.01106EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder