Fix registration and login pages
Fix the registration and login page there isn't a CAPTHCA or even a CAPTCHA on the page to respond to but access is denied anyway.
Soooo much promise but I can't get in because there's no captcha
Peter Akey commented
This needs more votes. Registration is still busted.
Mitchell Peabody commented
This is still an issue. It's impossible to create an account without google or yahoo.
Chrome console log reports: login-local.php:1 Mixed Content: The page at 'https://www.cvedetails.com/login-local.php'; was loaded over HTTPS, but requested an insecure script 'http://www.google.com/recaptcha/api/challenge?k=6Lfexb8SAAAAAJOeeWSNCkoaode6zab-zXXdj_aa'. This request has been blocked; the content must be served over HTTPS.
This is why the recaptcha is not showing when people try login.
Additionally the captcha-codes can't be retrieved anymore, as Google seemed to change their captcha procedure. Please fix your Registration site.
Ben Durnell commented
Still an issue, the code is being referenced as http but the site uses https so it's blocked by the browser. The site also redirects you to https so you can't even sign up over http.
Derek Manning commented
This is still an issue...
John Hinckley commented
This is kind of embarrassing TBH. CVE is the #1 DB for security vulns an their registration captcha is busted? I'm going to assume the admins don't care because the OP posted this on 8/14/17 and it's now 10/3/17....still busted.
Actually the captcha is shown via insecure HTTP but this is obviously not recommended.
Please, provide a secure possibility to sign up, especially as your role as a security (!) database.