Vulnerabilities > Allen Disk Project > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-19 | CVE-2017-9091 | Improper Input Validation vulnerability in Allen Disk Project Allen Disk 1.6 /admin/loginc.php in Allen Disk 1.6 doesn't check if isset($_SESSION['captcha']['code']) == 1, which leads to CAPTCHA bypass by emptying $_POST['captcha']. | 7.5 |
| 2017-05-19 | CVE-2017-9090 | Improper Input Validation vulnerability in Allen Disk Project Allen Disk 1.6 reg.php in Allen Disk 1.6 doesn't check if isset($_SESSION['captcha']['code'])==1, which makes it possible to bypass the CAPTCHA via an empty $_POST['captcha']. | 7.5 |