CVE-2008-3573 (pligg, PHP-Nuke) |
|
| BugsAlert Home > CVE-2008-3573 (pligg, PHP-Nuke) | |
|
The CAPTCHA implementation in (1) Pligg 9.9.5 and possibly (2) Francisco Burzi PHP-Nuke 8.1 provides a critical random number (the ts_random value) within the URL in the SRC attribute of an IMG element, which allows remote attackers to pass the CAPTCHA test via a calculation that combines this value with the current date and the HTTP User-Agent string. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3573 Learn more about CVE-2008-3573 (pligg, PHP-Nuke) |
|
| Tags: cve-2008-3573 pligg php-nuke | |
Related Items |
|
|
CVE-2008-0767 (File Server, Print Server)
|
|
|
FrSIRT - phpMyAdmin Multiple Cross-Site Request Forgery Vulnerabilities
|
|
|
TROJ_GAMETHIE.JV
|
|
|
Jetty Multiple Vulnerabilities
|
|
|
Coppermine Photo Gallery Multiple Vulnerabilities
|
|
|
FrSIRT - VMware ESX Server E2fsprogs libext2fs Integer Overflow Vulnerabilities
|
|
|
CVE-2008-4206 (dolphin)
|
|
