Packagist (Composer) package
sjbr/sr-feuser-register
pkg:composer/sjbr/sr-feuser-register
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-48205 | Hig | 8.6 | >= 5.1.0, < 12.5.0 | 12.5.0 | May 21, 2025 | The sr_feuser_register extension through 12.4.8 for TYPO3 allows Insecure Direct Object Reference. | |
| CVE-2025-48200 | Cri | 10.0 | >= 5.1.0, < 12.5.0 | 12.5.0 | May 21, 2025 | The sr_feuser_register extension through 12.4.8 for TYPO3 allows Remote Code Execution. | |
| CVE-2012-5890 | — | < 2.6.2 | 2.6.2 | Nov 17, 2012 | The Front End User Registration (sr_feuser_register) extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the (1) edit perspective or (2) autologin feature. | ||
| CVE-2009-1264 | — | < 2.5.21 | 2.5.21 | Apr 7, 2009 | Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors. |
- affected >= 5.1.0, < 12.5.0fixed 12.5.0
The sr_feuser_register extension through 12.4.8 for TYPO3 allows Insecure Direct Object Reference.
- affected >= 5.1.0, < 12.5.0fixed 12.5.0
The sr_feuser_register extension through 12.4.8 for TYPO3 allows Remote Code Execution.
- CVE-2012-5890Nov 17, 2012affected < 2.6.2fixed 2.6.2
The Front End User Registration (sr_feuser_register) extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the (1) edit perspective or (2) autologin feature.
- CVE-2009-1264Apr 7, 2009affected < 2.5.21fixed 2.5.21
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.