QwikSec

Security Database

CVE

CWE

Training

CVE-2007-0658

Published: Feb 1, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the (2) Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal allow remote attackers to bypass the CAPTCHA test via an empty captcha element in $_SESSION.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://cvs.drupal.org/viewcvs/drupal/contributions/modules/textimage/captcha.inc?r1=1.1&r2=1.1.2.1

x_refsource_CONFIRM

vdb-entry

x_refsource_OSVDB

captcha-response-security-bypass(31994)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

http://drupal.org/node/114519

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

http://drupal.org/node/114364

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_OSVDB

http://cvs.drupal.org/viewcvs/drupal/contributions/modules/captcha/captcha.module?r1=1.25.2.1&r2=1.25.2.2

x_refsource_CONFIRM

textimage-captcha-security-bypass(31984)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.