Loading HuntDB...

GHSA-6g49-7hrc-9j92

GitHub Security Advisory

⚠ Unreviewed MODERATE Has CVE

Advisory Details

ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha response, allowing them to capture the correct captcha value through error messages.

Related CVEs

Key Information

GHSA ID
GHSA-6g49-7hrc-9j92
Published
September 4, 2024 6:30 PM
Last Modified
September 4, 2024 6:30 PM
CVSS Score
5.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: June 16, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.