CVE-2009-1264

EUVD-2009-1263
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
Affected Products (NVD)
VendorProductVersion
stanislas_rollandsr_feuser_register
𝑥
≤ 2.5.20
stanislas_rollandsr_feuser_register
1.4
stanislas_rollandsr_feuser_register
1.6
stanislas_rollandsr_feuser_register
2.2.1
stanislas_rollandsr_feuser_register
2.2.7
stanislas_rollandsr_feuser_register
2.2.8
stanislas_rollandsr_feuser_register
2.3
stanislas_rollandsr_feuser_register
2.3.6
stanislas_rollandsr_feuser_register
2.4
stanislas_rollandsr_feuser_register
2.5
stanislas_rollandsr_feuser_register
2.5.10
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/53278
http://secunia.com/advisories/34586
http://typo3.org/extensions/repository/view/sr_feuser_register/2.5.21/
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-004/
http://www.securityfocus.com/bid/34374
http://www.vupen.com/english/advisories/2009/0938
http://osvdb.org/53278
http://secunia.com/advisories/34586
http://typo3.org/extensions/repository/view/sr_feuser_register/2.5.21/
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-004/
http://www.securityfocus.com/bid/34374
http://www.vupen.com/english/advisories/2009/0938