Skip to content

Commit

Permalink
Fix captcha - wasn't reading _GET parameters
Browse files Browse the repository at this point in the history
  • Loading branch information
@g0tmi1k
g0tmi1k committed Sep 11, 2015
1 parent c80e482 commit 7ca0a06
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 0 deletions.
2 changes: 2 additions & 0 deletions vulnerabilities/captcha/source/low.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,8 @@

if( isset( $_POST[ 'Change' ] ) && ( $_POST[ 'step' ] == '2' ) ) {
$hide_form = true;
$pass_new = $_POST[ 'password_new' ];
$pass_conf = $_POST[ 'password_conf' ];
if($pass_new != $pass_conf) {
$html .= "<pre><br />Both passwords must match.</pre>";
$hide_form = false;
Expand Down
3 changes: 3 additions & 0 deletions vulnerabilities/captcha/source/medium.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,9 @@

if( isset( $_POST['Change'] ) && ( $_POST['step'] == '2' ) ) {
$hide_form = true;
$pass_new = $_POST[ 'password_new' ];
$pass_conf = $_POST[ 'password_conf' ];

if(!$_POST['passed_captcha']) {
$html .= "<pre><br />You have not passed the CAPTCHA. Bad hacker, no doughnut.</pre>";
$hide_form = false;
Expand Down

0 comments on commit 7ca0a06

Please sign in to comment.