Evilsentinel » Evilsentinel : Security Vulnerabilities, CVEs,
admin/config.php in Evilsentinel 1.0.9 and earlier allows remote attackers to bypass the CAPTCHA test by omitting the es_security_captcha parameter and not invoking captcha.php.
Max CVSS
5.0
EPSS Score
0.24%
Published
2008-01-18
Updated
2017-09-29
admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to gain administrative privileges and make arbitrary configuration changes.
Max CVSS
7.5
EPSS Score
0.52%
Published
2008-01-18
Updated
2017-09-29
2 vulnerabilities found