I've found an arbitrary code execution vulnerability in Register, Register_mod_XH and Register_XH.
Recommended solution: upgrade to Register_XH 1.4rc5.
Alternative solution, if upgrading is no option: change the setting of "captcha mode" to "image" or "none".
A place for security related announcements and discussions - please check this forum frequently!
1 post • Page 1 of 1