VYPR

Users component

by Joomla

Source repositories

CVEs (2)

  • CVE-2016-8869CriNov 4, 2016
    risk 0.74cvss 9.8epss 0.97

    The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site.

  • CVE-2016-8870HigNov 4, 2016
    risk 0.62cvss 8.1epss 0.82

    The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration…