CVE-2013-7080

Опубликовано: 23 дек. 2013

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka "Mass Assignment."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:typo3:typo3:6.0:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:6.0.3:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:6.0.4:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:6.0.5:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:6.0.6:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:6.0.7:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:6.0.8:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:6.0.9:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:6.0.10:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:6.0.11:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:typo3:typo3:4.5.0:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.1:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.2:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.3:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.4:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.5:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.6:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.7:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.8:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.9:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.10:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.11:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.12:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.13:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.14:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.15:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.16:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.17:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.18:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.19:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.20:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.21:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.22:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.23:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.24:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.25:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.26:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.27:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.28:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.29:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.30:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.5.31:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:typo3:typo3:4.7.0:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.1:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.2:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.3:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.4:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.5:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.6:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.7:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.8:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.9:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.10:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.11:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.12:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.13:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.14:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.15:*:*:*:*:*:*:*

cpe:2.3:a:typo3:typo3:4.7.16:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00274

Низкий

5.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2013-7080

ubuntu

около 12 лет назад

CVE-2013-7080

debian

около 12 лет назад

The creating record functionality in Extension table administration li ...

GHSA-5fj8-wh3g-qvq2

github

больше 3 лет назад

TYPO3 is vulnerable to Mass Assignment in the Extension table administration library

EPSS

Процентиль: 50%

0.00274

Низкий

5.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo