2 matches found
CVE-2017-9090
reg.php in Allen Disk 1.6 doesn't check if isset$SESSION'captcha''code'==1, which makes it possible to bypass the CAPTCHA via an empty $POST'captcha'...
CVE-2017-9090
The CVE-2017-9090 issue affects Allen Disk 1.6’s reg.php, where there is no proper check of isset($_SESSION['captcha']['code']), enabling bypass of CAPTCHA via an empty $_POST['captcha']. The vulnerability is documented across multiple feeds (NVD entry with CVSSv2/3 scores indicating low–high imp...