Lucene search
Veracode Vulnerability DatabaseVERACODE:4681HistoryJul 26, 2017 - 2:27 a.m.
Password Reset And Recovery
2017-07-2602:27:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.027 Low
EPSS
Percentile
90.5%
pagekit/pagekit is vulnerable to password reset and recovery. Attackers are able to reset a registered user’s password when the debug toolbar is enabled. By doing this, attackers are able to recover the password.
| CPE | Name | Operator | Version |
|---|---|---|---|
| pagekit/pagekit | le | 1.0.10 |
References
www.securityfocus.com/bid/95806
github.com/pagekit/pagekit/commit/e0454f9c037c427a5ff76a57e78dbf8cc00c268b
securelayer7.net/download/pdf/SecureLayer7-Pentest-report-Pagekit-CMS.pdf
securelayer7.net/download/poc/password-reset-vulnerability-exploit-ruby-pagekit-cms.rb.txt
www.exploit-db.com/exploits/41143/
Related
osv
osv
CVE-2017-5594
2017-01-25 18:59:00
Pagekit Weak Password Recovery Mechanism for Forgotten Password
2022-05-13 01:12:12
prion
prion
Design/Logic Flaw
2017-01-25 18:59:00
nvd
nvd
CVE-2017-5594
2017-01-25 18:59:00
github
github
Pagekit Weak Password Recovery Mechanism for Forgotten Password
2022-05-13 01:12:12
cve
cve
CVE-2017-5594
2017-01-25 18:59:00
cvelist
cvelist
CVE-2017-5594
2017-01-25 18:00:00