VIR Vulnerability Intelligence Relay

CVE-2014-6292

medium
Published 2014-10-03 · Modified 2025-04-14
CVSS v3
CVSS v2
6.4
VIR risk
6.4

Description

TYPO3 femanager extension allows remote frontend users to modify or delete records of other frontend users

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-002/

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://typo3.org/extensions/repository/view/femanager

Package impact
EcosystemPackageVulnerableFixed
php Packagistin2code/femanager<1.0.91.0.9

Application impact
VendorProductVersionsFixed
in2codefemanager{"endIncluding":"1.0.8"}
in2codefemanager1.0.0
in2codefemanager1.0.1
in2codefemanager1.0.2
in2codefemanager1.0.3
in2codefemanager1.0.4
in2codefemanager1.0.5
in2codefemanager1.0.6
in2codefemanager1.0.7

References

Verify integrity in audit chain (admin only). AS-IS.