458 matches found
Google reCAPTCHA <= 3.1.3 - Reflected XSS
The wp-recaptcha WordPress plugin was affected by a Reflected XSS security vulnerability...
Google Retools reCAPTCHA Authentication System
Google announced a change to its reCAPTCHA authentication system late Friday wherein the company will begin creating different types of puzzles for different users, use numeric CAPTCHAs and move away from more obscure, hard-to-read distorted letters. CAPTCHAs are the series of distorted letter...
Fedora 18 : ReviewBoard-1.7.12-1.fc18 / python-djblets-0.7.16-1.fc18 (2013-13911)
As with all ReviewBoard updates, you will need to run 'rb-site upgrade /path/to/site' for all installed sites after applying this update. == Action Required == The default Apache configuration is now more strict with how it serves up file attachments. This does not apply to existing installations...
Fedora 19 : ReviewBoard-1.7.12-1.fc19 / python-djblets-0.7.16-1.fc19 (2013-13850)
As with all ReviewBoard updates, you will need to run 'rb-site upgrade /path/to/site' for all installed sites after applying this update. == Action Required == The default Apache configuration is now more strict with how it serves up file attachments. This does not apply to existing installations...
Google reCAPTCHA WordPress Cross Site Scripting
Exploit Title: Google reCAPTCHA Wordpress Plugin - Reflected Cross-Site Scripting XSS Vulnerability Script Page : http://www.google.com/recaptcha http://wordpress.org/extend/plugins/wp-recaptcha Date: 11-12-2011 Author : RandomStorm - http://www.randomstorm.com Avram Marius Gabriel d3v1l Tested o...
Debian DSA-2338-1 : moodle - several vulnerabilities
Several cross-site scripting and information disclosure issues have been fixed in Moodle, a course management system for online learning : - MSA-11-0020 Continue links in error messages can lead offsite - MSA-11-0024 reCAPTCHA images were being authenticated from an older server - MSA-11-0025 Gro...
DSA-2338-1 moodle - several
Bulletin has no description...
CVE-2011-0759
Multiple cross-site request forgery CSRF vulnerabilities in the configuration page in the Recaptcha aka WP-reCAPTCHA plugin 2.9.8.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that disable the CAPTCHA requirement or insert cross-site scripting...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the configuration page in the Recaptcha aka WP-reCAPTCHA plugin 2.9.8.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that disable the CAPTCHA requirement or insert cross-site scripting...
CVE-2011-0759
Multiple cross-site request forgery CSRF vulnerabilities in the configuration page in the Recaptcha aka WP-reCAPTCHA plugin 2.9.8.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that disable the CAPTCHA requirement or insert cross-site scripting...
CVE-2011-0759
CVE-2011-0759 affects the WordPress WP-reCAPTCHA (Recaptcha) plugin up to version 2.9.8.2. The vulnerability is due to multiple cross-site request forgery (CSRF) vectors in the configuration page, allowing remote attackers to hijack administrator sessions and to inject or disable CAPTCHA/XSS cont...
WP Recaptcha < 3.0 - Multiple CSRF
The wp-recaptcha WordPress plugin was affected by a Multiple CSRF security vulnerability...
Уязвимость в reCAPTCHA для Drupal
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Insufficient Anti-automation уязвимости в reCAPTCHA для Drupal. В проекте MoBiC в 2007 году я уже писал об обходе reCaptcha для Drupal http://websecurity.com.ua/1505/. Это новый метод обхода reCaptcha для Drupal. Insufficient Anti-automation...
WordPress Recaptcha Plugin <= 2.9.8.2 - Multiple CSRF and XSS
Because of these cross-site request forgery vulnerabilities in the configuration page, the attackers can hijack the authentication of administrators for requests that disable the CAPTCHA requirement or insert cross-site scripting sequences. Solution Update the plugin...
Potential XSS vector in Zend_Service_ReCaptcha_MailHide
More info at https://framework.zend.com/security/advisory/ZF2010-05...
New Technique Beats Google's reCAPTCHA
Even the latest images in Google’s reCAPTCHA can be cracked with sufficient reliability to allow protective services to be exploited. Read the full article. The H Security...
Google + reCAPTCHA Could Raise Bar in Anti-Bot, Anti-Spam Fight
Locked in a cat-and-mouse game with spammers who use bots to defeat anti-fraud mechanisms and create fake accounts, Google today announced a deal to acquire reCAPTCHA, a company that provides those squiggly words at login screens. The ReCAPTCHA deal isn’t exactly a security transaction...
Vulnerability in Drupal Captcha
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Insufficient Anti-automation уязвимости в плагине Captcha для Drupal. Данная капча уязвима для captcha token bypass method. Уязвимость я нашёл в плагине reCaptcha для Drupal который является под-плагином для плагина Captcha. Как сообщил Ben Maurer...