THREATINT
PUBLISHED

CVE-2024-44821



Description

ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha response, allowing them to capture the correct captcha value through error messages.

Reserved 2024-08-21 | Published 2024-09-04 | Updated 2024-09-04 | Assigner mitre

References

github.com/.../blob/main/CVE-2024-44821 ZZCMS2023 验证码复用逻辑漏洞.md

cve.org (CVE-2024-44821)

nvd.nist.gov (CVE-2024-44821)
