The Front End User Registration extension for TYPO3 (sr_feuser_register) Remote Code Execution

The srfeuserregister extension through 12.4.8 for TYPO3 allows Remote Code Execution via unsafe deserialization...

GHSA-CVGC-MX2W-H3W8 The Front End User Registration extension for TYPO3 (sr_feuser_register) allows Insecure Direct Object Reference

The srfeuserregister extension through 12.4.8 for TYPO3 allows Insecure Direct Object Reference. This allows attackers to read arbitrary files...

CVE-2024-11293 Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login <= 1.7.9 - Authentication Bypass via WordPress.com OAuth provider

The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.9. This is due to insufficient...

OpenEMR Access Control Error Vulnerability (CNVD-2023-40910)

OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. An Access Control Error vulnerability exists in OpenEMR versions prior to 7.0.1,...

OpenEMR 访问控制错误漏洞

OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. An Access Control Error vulnerability exists in OpenEMR versions prior to 7.0.1,...

Front End User Registration (sr_feuser_register) extension for TYPO3 allows remote attackers to obtain user names, passwords

The Front End User Registration srfeuserregister extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the 1 edit perspective or 2 autologin feature...

October CMS User Plugin 1.4.5 - Persistent Cross-Site Scripting

Exploit Title: October CMS User Plugin v1.4.5 - Persistent Cross-Site Scripting Date: 2018-04-03 Author: 0xB9 Software Link: https://octobercms.com/plugin/rainlab-user Version: 1.4.5 Tested on: Ubuntu 17.10 CVE: CVE-2018-10366 1. Description: Front-end user management for October CMS. Allows...

Design/Logic Flaw

An issue was discovered in the Users aka Front-end user management plugin 1.4.5 for October CMS. XSS exists in the name field...

WordPress Plugin Work The Flow File Upload 2.5.2 - Arbitrary File Upload

WordPress Plugin Work The Flow File Upload 2.5.2 - Arbitrary File Upload Exploit Title : Wordpress Work the flow file upload 2.5.2 Shell Upload Vulnerability Exploit Author : Claudio Viviani Software Link : https://downloads.wordpress.org/plugin/work-the-flow-file-upload.2.5.2.zip Date : 2015-03-...

phpwcms 'preg_replace()'multiple remote PHP code injection vulnerability-vulnerability warning-the black bar safety net

phpwcms is an open source content management system. phpwcms 1.5.4.6 and other versions in the realization on the presence of a plurality of code injection vulnerability, an authenticated remote attacker can use the"backend user""admin user""backend user"account exploit these...

CVE-2012-5890

The Front End User Registration srfeuserregister extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the 1 edit perspective or 2 autologin feature...

Information disclosure vulnerabilities in extension "Front End User Registration" (sr_feuser_register)

It has been discovered that the extension "Front End User Registration" srfeuserregister is vulnerable to information disclosure Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.6.1 and below Vulnerability Type:...