CVE-2005-4163

Name of the Vulnerable Software and Affected Versions Captcha PHP version 0.9

Description A directory traversal issue exists in the captcha.php file of Captcha PHP, allowing remote attackers to read arbitrary files. This is achieved by manipulating the tcf parameter.

Recommendations For Captcha PHP version 0.9, consider restricting access to the vulnerable captcha.php file until a patch is available. As a temporary workaround, avoid using the tcf parameter in the affected API endpoint until the issue is resolved.