admin/config.php in Evilsentinel 1.0.9 and previous versions allows remote malicious users to bypass the CAPTCHA test by omitting the es_security_captcha parameter and not invoking captcha.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
evilsentinel evilsentinel |