High severity7.5NVD Advisory· Published Jan 25, 2017· Updated Jun 17, 2026
CVE-2017-5594
CVE-2017-5594
Description
An issue was discovered in Pagekit CMS before 1.0.11. In this vulnerability the remote attacker is able to reset the registered user's password, when the debug toolbar is enabled. The password is successfully recovered using this exploit. The SecureLayer7 ID is SL7_PGKT_01.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
pagekit/pagekitPackagist | < 1.0.11 | 1.0.11 |
Affected products
2Patches
Vulnerability mechanics
References
8- github.com/pagekit/pagekit/commit/e0454f9c037c427a5ff76a57e78dbf8cc00c268bnvdPatchWEB
- securelayer7.net/download/poc/password-reset-vulnerability-exploit-ruby-pagekit-cms.rb.txtnvdExploitThird Party AdvisoryWEB
- www.exploit-db.com/exploits/41143/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/95806nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-rp89-32rp-qpq2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-5594ghsaADVISORY
- securelayer7.net/download/pdf/SecureLayer7-Pentest-report-Pagekit-CMS.pdfnvdTechnical DescriptionThird Party AdvisoryWEB
- www.exploit-db.com/exploits/41143ghsaWEB
News mentions
0No linked articles in our index yet.