Skip to main content

Femanager

4 CVEs product

Monthly

CVE-2023-25014 PHP HIGH PATCH This Week

An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Femanager
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-25013 PHP HIGH PATCH This Week

An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Femanager
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2021-36787 PHP MEDIUM POC PATCH This Month

The femanager extension before 5.5.1 and 6.x before 6.3.1 for TYPO3 allows XSS via a crafted SVG document. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Femanager
NVD
CVSS 3.1
5.4
EPSS
1.3%
CVE-2014-6292 PHP MEDIUM PATCH This Month

The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Femanager
NVD
CVSS 2.0
6.4
EPSS
0.4%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Femanager
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Femanager
NVD
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

The femanager extension before 5.5.1 and 6.x before 6.3.1 for TYPO3 allows XSS via a crafted SVG document. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Femanager
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Femanager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy