Produkt Evilsentinel (...) - CVEMAP.ORG

Podatności dla 'Evilsentinel'

2008-01-17

CVE-2008-0351

CWE-287

admin/config.php in Evilsentinel 1.0.9 and earlier allows remote attackers to bypass the CAPTCHA test by omitting the es_security_captcha parameter and not invoking captcha.php.

CVE-2008-0350

CWE-264

admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to gain administrative privileges and make arbitrary configuration changes.

Copyright 2024, cxsecurity.com