Vulnerabilities > In2Code
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2022-44543 | Unspecified vulnerability in In2Code Femanager The femanager extension before 5.5.2, 6.x before 6.3.3, and 7.x before 7.0.1 for TYPO3 allows creation of frontend users in restricted groups (if there is a usergroup field on the registration form). | 5.3 |
| 2023-02-02 | CVE-2023-25013 | Missing Authentication for Critical Function vulnerability in In2Code Femanager An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. | 7.5 |
| 2023-02-02 | CVE-2023-25014 | Missing Authentication for Critical Function vulnerability in In2Code Femanager An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. | 7.5 |
| 2022-07-12 | CVE-2022-35628 | SQL Injection vulnerability in In2Code Living User Experience A SQL injection issue was discovered in the lux extension before 17.6.1, and 18.x through 24.x before 24.0.2, for TYPO3. | 7.5 |
| 2021-08-13 | CVE-2021-36787 | Cross-site Scripting vulnerability in In2Code Femanager The femanager extension before 5.5.1 and 6.x before 6.3.1 for TYPO3 allows XSS via a crafted SVG document. | 3.5 |
| 2014-10-03 | CVE-2014-6292 | Unspecified vulnerability in In2Code Femanager The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors. | 6.4 |
| 2008-05-13 | CVE-2008-2182 | Cross-Site Scripting vulnerability in In2Code Powermail Cross-site scripting (XSS) vulnerability in the powermail extension before 1.1.10 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |