ID CVE-2017-9090
Summary reg.php in Allen Disk 1.6 doesn't check if isset($_SESSION['captcha']['code'])==1, which makes it possible to bypass the CAPTCHA via an empty $_POST['captcha'].
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
refmap via4
confirm https://github.com/s3131212/allendisk/issues/25
Last major update 19-05-2017 - 14:29
Published 19-05-2017 - 14:29
Last modified 19-05-2017 - 14:29
Back to Top