3 matches found
GHSA-848F-MPH5-9PM9 Zendframework Potential Information Disclosure and Insufficient Entropy vulnerability
In Zend Framework, ZendCaptchaWord v1 and Zend\Captcha\Word v2 generate a "word" for a CAPTCHA challenge by selecting a sequence of random letters from a character set. Prior to this advisory, the selection was performed using PHP's internal arrayrand function. This function does not generate...
GHSA-MG4X-PRH7-G4MX Zend-Captcha Information Disclosure and Insufficient Entropy vulnerability
In Zend Framework, ZendCaptchaWord v1 and Zend\Captcha\Word v2 generate a "word" for a CAPTCHA challenge by selecting a sequence of random letters from a character set. Prior to this advisory, the selection was performed using PHP's internal arrayrand function. This function does not generate...
rnd_case
This evasion plugin changes the case of random letters. Example: Input: /bar/foo.asp Output : /BAr/foO.Asp Plugin type Evasion Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to...