Session fixation

The 1 Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the 2 Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal allow remote attackers to bypass the CAPTCHA test via an empty captcha element in $SESSION...

CVE-2007-0658

The 1 Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the 2 Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal allow remote attackers to bypass the CAPTCHA test via an empty captcha element in $SESSION...

CVE-2007-0658

CVE-2007-0658 concerns Drupal environments using the Textimage and Captcha modules. The vulnerability affects Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1, and likewise the Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1. The root cause is an empty captcha element in $_SESSION, allow...

Textimage - response validation bypass

Captcha validation by Textimage can be bypassed by manipulating request variables while posting. This defeats the purpose of the captcha and makes automated submission possible. Versions affected All versions of Textimage 4.7.x prior to Textimage 4.7-1.2. All versions of Textimage 5.x prior to...