11 matches found
Emlog Pro 安全漏洞
Emlog Pro is an Emlog open source blogging system. A security vulnerability exists in Emlog Pro version 2.5.23, which stems from an error in the session CAPTCHA clearing logic that could lead to CAPTCHAs being reused...
EUVD-2021-15693
Malware in sbrugna...
CVE-2024-44821
ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha...
CVE-2024-44821
ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha...
CVE-2024-44821
ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha...
CVE-2024-44821
ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha...
CVE-2024-44821
ZZCMS 2023 contains a vulnerability in the captcha reuse logic in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation, enabling an attacker to repeatedly submit the same incorrect captcha and potentially infer the correct value via error ...
CVE-2024-44821
ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha...
Insufficient Granularity of Access Control
Description There are no rate limits and reuse of captcha is allowed resulting in reuse of same captcha to issue notifications to administrator Proof of Concept Capture the newsletter subscription flow in burp and continue with entering email & captcha until below POST form request is captured...
CVE-2021-29047
The SimpleCaptcha implementation in Liferay Portal 7.3.4, 7.3.5 and Liferay DXP 7.3 before fix pack 1 does not invalidate CAPTCHA answers after it is used, which allows remote attackers to repeatedly perform actions protected by a CAPTCHA challenge by reusing the same CAPTCHA answer...
Ajax BootModal Login <= 1.4.3 - Captcha Reuse
The Ajax BootModal Login WordPress plugin was affected by a Captcha Reuse security vulnerability...