Vulnerabilities > Evilsentinel
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-01-18 | CVE-2008-0351 | Improper Authentication vulnerability in Evilsentinel admin/config.php in Evilsentinel 1.0.9 and earlier allows remote attackers to bypass the CAPTCHA test by omitting the es_security_captcha parameter and not invoking captcha.php. | 5.0 |
2008-01-18 | CVE-2008-0350 | Permissions, Privileges, and Access Controls vulnerability in Evilsentinel admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to gain administrative privileges and make arbitrary configuration changes. | 7.5 |