Lucene search
+L

458 matches found

WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.15 views

Google reCAPTCHA <= 3.1.3 - Reflected XSS

The wp-recaptcha WordPress plugin was affected by a Reflected XSS security vulnerability...

1.8AI score
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2013/10/28 4:21 p.m.13 views

Google Retools reCAPTCHA Authentication System

Google announced a change to its reCAPTCHA authentication system late Friday wherein the company will begin creating different types of puzzles for different users, use numeric CAPTCHAs and move away from more obscure, hard-to-read distorted letters. CAPTCHAs are the series of distorted letter...

0.2AI score
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2013/08/08 12:0 a.m.16 views

Fedora 18 : ReviewBoard-1.7.12-1.fc18 / python-djblets-0.7.16-1.fc18 (2013-13911)

As with all ReviewBoard updates, you will need to run 'rb-site upgrade /path/to/site' for all installed sites after applying this update. == Action Required == The default Apache configuration is now more strict with how it serves up file attachments. This does not apply to existing installations...

5.5AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/08/08 12:0 a.m.18 views

Fedora 19 : ReviewBoard-1.7.12-1.fc19 / python-djblets-0.7.16-1.fc19 (2013-13850)

As with all ReviewBoard updates, you will need to run 'rb-site upgrade /path/to/site' for all installed sites after applying this update. == Action Required == The default Apache configuration is now more strict with how it serves up file attachments. This does not apply to existing installations...

5.5AI score
Exploits0References4
Packet Storm
Packet Storm
added 2011/12/11 12:0 a.m.22 views

Google reCAPTCHA WordPress Cross Site Scripting

Exploit Title: Google reCAPTCHA Wordpress Plugin - Reflected Cross-Site Scripting XSS Vulnerability Script Page : http://www.google.com/recaptcha http://wordpress.org/extend/plugins/wp-recaptcha Date: 11-12-2011 Author : RandomStorm - http://www.randomstorm.com Avram Marius Gabriel d3v1l Tested o...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/11/08 12:0 a.m.13 views

Debian DSA-2338-1 : moodle - several vulnerabilities

Several cross-site scripting and information disclosure issues have been fixed in Moodle, a course management system for online learning : - MSA-11-0020 Continue links in error messages can lead offsite - MSA-11-0024 reCAPTCHA images were being authenticated from an older server - MSA-11-0025 Gro...

5AI score
Exploits0References8
OSV
OSV
added 2011/11/07 12:0 a.m.49 views

DSA-2338-1 moodle - several

Bulletin has no description...

6.8CVSS6AI score0.02102EPSS
Exploits0
NVD
NVD
added 2011/03/22 5:55 p.m.21 views

CVE-2011-0759

Multiple cross-site request forgery CSRF vulnerabilities in the configuration page in the Recaptcha aka WP-reCAPTCHA plugin 2.9.8.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that disable the CAPTCHA requirement or insert cross-site scripting...

6.8CVSS6.6AI score0.01065EPSS
Exploits0References5
Prion
Prion
added 2011/03/22 5:55 p.m.15 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the configuration page in the Recaptcha aka WP-reCAPTCHA plugin 2.9.8.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that disable the CAPTCHA requirement or insert cross-site scripting...

6.8CVSS7AI score0.01065EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2011/03/22 5:0 p.m.26 views

CVE-2011-0759

Multiple cross-site request forgery CSRF vulnerabilities in the configuration page in the Recaptcha aka WP-reCAPTCHA plugin 2.9.8.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that disable the CAPTCHA requirement or insert cross-site scripting...

6.6AI score0.01065EPSS
Exploits0References5
CVE
CVE
added 2011/03/22 5:0 p.m.46 views

CVE-2011-0759

CVE-2011-0759 affects the WordPress WP-reCAPTCHA (Recaptcha) plugin up to version 2.9.8.2. The vulnerability is due to multiple cross-site request forgery (CSRF) vectors in the configuration page, allowing remote attackers to hijack administrator sessions and to inject or disable CAPTCHA/XSS cont...

6.8CVSS6.8AI score0.01065EPSS
Exploits0References5Affected Software1
WPVulnDB
WPVulnDB
added 2011/03/17 12:0 a.m.22 views

WP Recaptcha < 3.0 - Multiple CSRF

The wp-recaptcha WordPress plugin was affected by a Multiple CSRF security vulnerability...

6.8CVSS1.7AI score0.01065EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2011/02/17 12:0 a.m.29 views

Уязвимость в reCAPTCHA для Drupal

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Insufficient Anti-automation уязвимости в reCAPTCHA для Drupal. В проекте MoBiC в 2007 году я уже писал об обходе reCaptcha для Drupal http://websecurity.com.ua/1505/. Это новый метод обхода reCaptcha для Drupal. Insufficient Anti-automation...

7.1AI score
Exploits0
Patchstack
Patchstack
added 2011/02/03 12:0 a.m.20 views

WordPress Recaptcha Plugin <= 2.9.8.2 - Multiple CSRF and XSS

Because of these cross-site request forgery vulnerabilities in the configuration page, the attackers can hijack the authentication of administrators for requests that disable the CAPTCHA requirement or insert cross-site scripting sequences. Solution Update the plugin...

6.8CVSS2.7AI score0.01065EPSS
Exploits0References1Affected Software1
Friends Of PHP
Friends Of PHP
added 2010/01/08 5:31 p.m.15 views

Potential XSS vector in Zend_Service_ReCaptcha_MailHide

More info at https://framework.zend.com/security/advisory/ZF2010-05...

7.2AI score
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2009/12/24 3:14 p.m.8 views

New Technique Beats Google's reCAPTCHA

Even the latest images in Google’s reCAPTCHA can be cracked with sufficient reliability to allow protective services to be exploited. Read the full article. The H Security...

2.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2009/09/18 3:21 p.m.19 views

Google + reCAPTCHA Could Raise Bar in Anti-Bot, Anti-Spam Fight

Locked in a cat-and-mouse game with spammers who use bots to defeat anti-fraud mechanisms and create fake accounts, Google today announced a deal to acquire reCAPTCHA, a company that provides those squiggly words at login screens. The ReCAPTCHA deal isn’t exactly a security transaction...

Exploits0References10
securityvulns
securityvulns
added 2007/12/03 12:0 a.m.37 views

Vulnerability in Drupal Captcha

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Insufficient Anti-automation уязвимости в плагине Captcha для Drupal. Данная капча уязвима для captcha token bypass method. Уязвимость я нашёл в плагине reCaptcha для Drupal который является под-плагином для плагина Captcha. Как сообщил Ben Maurer...

7.2AI score
Exploits0
Rows per page
Query Builder