Security Advisory

CVE-2017-9091

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-05-19 18:00:00

Last updated 2024-09-16 22:20:05

Assigner mitre

State PUBLISHED

/admin/loginc.php in Allen Disk 1.6 doesnt check if isset($_SESSION[captcha][code]) == 1, which leads to CAPTCHA bypass by emptying $_POST[captcha].