Description
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration configuration setting.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-2425 Vulnerability (CVE-2013-2425)
MySQL Other Vulnerability (CVE-2004-0381)
WordPress Plugin Users Ultra Membership Arbitrary File Upload (1.5.58)
Play Framework Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3630)
WordPress Plugin Cart66 Lite::WordPress Ecommerce SQL Injection (1.5.1.17)