Description

The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the (2) Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal allow remote attackers to bypass the CAPTCHA test via an empty captcha element in $_SESSION.

Remediation

References

CVE-2007-0658

Related Vulnerabilities

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-27848)

WordPress 3.8.x Denial of Service Vulnerability (3.8 - 3.8.25)

WordPress Plugin SocialFit 'msg' Parameter Cross-Site Scripting (1.2.2)

MySQL CVE-2023-22046 Vulnerability (CVE-2023-22046)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4632)

Severity

Medium

Classification

CVE-2007-0658

Tags

Missing Update Known Vulnerabilities