PT-2023-9869 · Jianlinwei · Cool-Php-Captcha

Name of the Vulnerable Software and Affected Versions: jianlinwei cool-php-captcha versions up to 0.2 Description: A problematic vulnerability was found in the example-form.php file, where the manipulation of the captcha argument with the input %3Cscript%3Ealert1%3C/script%3E leads to cross-site...

cool-php-captcha 跨站脚本漏洞

cool-php-captcha is an application by the individual developer LaoWei. A cross-site scripting vulnerability exists in version 0.2 of cool-php-captcha, which stems from unknown code in the file example-form.php, and can be exploited to cause cross-site scripting using the input of an action-specif...

Securimage HTML Injection

HTML Injection in Securimage prior to 3.6.6 allows remote attackers to inject arbitrary HTML into an e-mail message body via the $SERVER'HTTPUSERAGENT' parameter to exampleform.ajax.php or exampleform.php...

Securimage HTML Injection Vulnerability

Securimage is an open source free PHP CAPTCHA script for generating complex CAPTCHA images and CAPTCHA code. An HTML injection vulnerability exists in Securimage 3.6.4 and earlier versions. A remote attacker can send the '$SERVER'HTTPUSERAGENT'' parameter to the exampleform.ajax.php or...