Overview
Under SecureLayer7's Gratis Pentest Summer 2016, our consultant Saurabh Banawar performed a two-day penetration test of the PageKit open source CMS application. Saurabh found the following vulnerabilities during the penetration test:
- Vertical/Horizontal Authentication Bypass or Password Reset Vulnerability (Critical) – CVE-2017-5594
- Server-side information disclosure (Medium)
- Misconfiguration: improper use of .htaccess (Low)
- Weak Password Policy (Low)
- Sensitive Information leakage via referrer header (Low)
- Plain text storage of credentials (Low)
- SwiftMailer Remote Code Execution (Low). The impact is rated Low because the sender input is controlled by the developer or a higher-level user.
Download Detailed Report : Download
Exploit Code for Password Reset – Download
Commit tag – Github
Download fixed code – Download