Vulnerability Details CVE-2015-6250
simple-php-captcha before commit 9d65a945029c7be7bb6bc893759e74c5636be694 allows remote attackers to automatically generate the captcha response by running the same code on the client-side.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.9%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- http://www.openwall.com/lists/oss-security/2015/08/17/7
- https://github.com/claviska/simple-php-captcha/commit/9d65a945029c7be7bb6bc893759e74c5636be694
- https://github.com/claviska/simple-php-captcha/issues/16
- http://www.openwall.com/lists/oss-security/2015/08/17/7
- https://github.com/claviska/simple-php-captcha/commit/9d65a945029c7be7bb6bc893759e74c5636be694
- https://github.com/claviska/simple-php-captcha/issues/16
Products affected by CVE-2015-6250
-
cpe:2.3:a:simple-php-captcha_project:simple-php-captcha:-
-
cpe:2.3:a:simple-php-captcha_project:simple-php-captcha:1.0.0
-
cpe:2.3:a:simple-php-captcha_project:simple-php-captcha:1.0.1
-
cpe:2.3:a:simple-php-captcha_project:simple-php-captcha:2015-08-31