CVE-2006-2918
The Lanap BotDetect ASP.NET CAPTCHA component (pre-1.5.4.0) stores the CAPTCHA UUID and hash in the ViewState, allowing a remote attacker to replay a known ViewState and bypass the CAPTCHA. Symantec advisory SYMSA-2006-005 confirms the bypass and notes the vendor fixed the issue in BotDetect ASP....