Description

The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the (2) Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal allow remote attackers to bypass the CAPTCHA test via an empty captcha element in $_SESSION.

Remediation

References

CVE-2007-0658

Related Vulnerabilities

PHP Double Free Vulnerability (CVE-2016-5772)

WordPress Plugin DW Question & Answer Cross-Site Request Forgery (1.5.7)

PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39417)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1939)

WordPress Plugin SRS Simple Hits Counter SQL Injection (1.0.4)

Severity

Medium

Classification

CVE-2007-0658

Tags

Missing Update Known Vulnerabilities