2002 matches found
CVE-2008-2020
The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Commerce-Suite (aka 123tkShop) 0.9.1, (3) phpMyBitTorrent 1.2.2, (4) TorrentFlux 2.3, (5) e107 0.7.11, (6) WebZE 0.5.9, (7) Open Media Collectors Database (aka OpenDb) 1.5.0b4, and (8) Labgab 1.1 uses a code_bg.jpg...
CVE-2008-2019
Simple Machines Forum (SMF), probably 1.1.4, relies on "randomly generated static" to hinder brute-force attacks on the WAV file (aka audio CAPTCHA), which allows remote attackers to pass the CAPTCHA test via an automated attack that considers Hamming distances. NOTE: this issue reportedly exists...
CVE-2008-2019
SMF (likely version ~1.1.4) is vulnerable due to a weak WAV CAPTCHA generation that relies on insufficient randomness, allowing automated brute-force bypass of the CAPTCHA. Root cause points to an insufficient fix for CVE-2007-3308; exploitation status and exact patch details are not provided in ...
CVE-2008-2020
The CVE-2008-2020 issue affects multiple CAPTCHA implementations: PHP-Nuke (versions 7.0–8.1), my123tkShop 0.9.1, phpMyBitTorrent 1.2.2, TorrentFlux 2.3, e107 0.7.11, WebZE 0.5.9, Open Media Collectors Database 1.5.0b4, and Labgab 1.1. The root cause is use of a code_bg.jpg background with PHP Im...
Deciphering the PHP-Nuke Captcha
The Captcha used in the current version 8.1 of PHP Nuke can be deciphered with 100% accuracy. More information can be found here: http://www.rooksecurity.com/blog/?p=6 Exploit Code: http://www.rooksecurity.com/exploits/phpnukecaptcha.zip What is so interesting about this captcha is that it is...
Deciphering the Simple Machines Forum audio Captcha
The Simple Machine’s Forum audio Captcha that has been hardened from attack. I have contacted SMF about this flaw and it has been verified. I go into greater detail of how I am able to break this captcha here: http://www.rooksecurity.com/blog/?p=6 Exploit Code:...
SMF 1.1.4 - Audio CAPTCHA Security Bypass
SMF 1.1.4 - Audio CAPTCHA Security Bypass. Source: https://www.securityfocus.com/bid/28866/info SMF (Simple Machine Forum) is prone to a security-bypass vulnerability that occurs in the audio CAPTCHA protocol. Successfully exploiting this issue may allow attackers to send unsolicited spam or perform...
SMF 1.1.4 - Audio CAPTCHA Security Bypass
Source: https://www.securityfocus.com/bid/28866/info SMF (Simple Machine Forum) is prone to a security-bypass vulnerability that occurs in the audio CAPTCHA protocol. Successfully exploiting this issue may allow attackers to send unsolicited spam or perform other automated attacks...
ShopEx PHP remote include vulnerability-vulnerability warning-the black bar safety net
Article author: lonely hacker Source of information: Affects versions: 4.7 and below verifycode.php ? php / Login verification code generating file @package ShopEx online store system @version 4.6 @author ShopEx. cn [email protected] @url @since PHP 4.3 @copyright ShopEx. cn / if ! defined"ISSHOP...
XSS vulnerabilities in create/edit/copy page and blogpost actions
The following create/edit page URLs are vulnerable: - /pages/createpage.action - /pages/docreatepage.action - /pages/editpage.action - /pages/doeditepage.action on parentPageString, mode, labelsString, captchaId The following create/edit blogpost URLs are vulnerable: -...
CVE-2008-0351
admin/config.php in Evilsentinel 1.0.9 and earlier allows remote attackers to bypass the CAPTCHA test by omitting the essecuritycaptcha parameter and not invoking captcha.php...
Authentication flaw
admin/config.php in Evilsentinel 1.0.9 and earlier allows remote attackers to bypass the CAPTCHA test by omitting the essecuritycaptcha parameter and not invoking captcha.php...
CVE-2008-0351
CVE-2008-0351 affects Evilsentinel
Defeating audio captcha systems
Hi all, Some days ago I wrote an advisory which demonstrates how the Peter's Math Antispam Spinoff plugin for WordPress http://www.theblog.ca/math-anti-spam can be defeated by its audio file. It's hard to summarize, you better read the advisory, but in a very small nutshell, the flaw is about no...
WordPress Plugin Peter's Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass
WordPress Plugin Peter's Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass. Source: https://www.securityfocus.com/bid/27287/info Peter's Math Anti-Spam for WordPress is prone to a security-bypass vulnerability. This issue occurs when presenting a visitor with challenge data to determine if they...
WordPress Plugin Peter's Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass
Source: https://www.securityfocus.com/bid/27287/info Peter's Math Anti-Spam for WordPress is prone to a security-bypass vulnerability. This issue occurs when presenting a visitor with challenge data to determine if they are a legitimate user or an automaton. The challenge data is poorly obfuscate...
CVE-2008-0206
Multiple cross-site scripting (XSS) vulnerabilities in captcha\captcha.php in the Captcha! 2.5d and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) captchattffolder, (2) captchanumchars, (3) captchattfrange, or (4) captchasecret parameter...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in captcha\captcha.php in the Captcha! 2.5d and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) captchattffolder, (2) captchanumchars, (3) captchattfrange, or (4) captchasecret parameter...