Lucene search
GitHub Advisory DatabaseGHSA-5FJ8-WH3G-QVQ2HistoryMay 17, 2022 - 4:54 a.m.
TYPO3 is vulnerable to Mass Assignment in the Extension table administration library
2022-05-1704:54:37
GitHub Advisory Database
github.com
5
0.002 Low
EPSS
Percentile
64.4%
The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka “Mass Assignment.”
| CPE | Name | Operator | Version |
|---|---|---|---|
| typo3/cms-core | lt | 6.0.11 | |
| typo3/cms-core | lt | 4.7.16 | |
| typo3/cms-core | lt | 4.5.31 |
Related
prion
prion
Design/Logic Flaw
2013-12-23 23:55:00
osv
osv
ubuntucve
ubuntucve
CVE-2013-7080
2013-12-23 00:00:00
openvas
openvas
TYPO3 feuser_adminLib Authorization Bypass Vulnerability
2014-01-06 00:00:00
Debian Security Advisory DSA 2834-1 (typo3-src - several vulnerabilities)
2014-01-01 00:00:00
Debian: Security Advisory (DSA-2834-1)
2013-12-31 00:00:00
cve
cve
CVE-2013-7080
2013-12-23 23:55:00
cvelist
cvelist
CVE-2013-7080
2013-12-23 23:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-09 00:00:00
debian
debian
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-01 16:19:19
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-01 16:19:37
nessus
nessus
Debian DSA-2834-1 : typo3-src - several vulnerabilities
2014-01-02 00:00:00
typo3
typo3
Multiple Vulnerabilities in TYPO3 CMS
2013-12-10 00:00:00