Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-wxg4-7yap-3qdx

Summary cross-site scripting

Aliases

alias	CVE-2013-1464

Fixed_packages

Affected_packages

url pkg:deb/debian/typo3-src@4.0.2%2Bdebian-3

purl pkg:deb/debian/typo3-src@4.0.2%2Bdebian-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-133h-9erq-2fhy

vulnerability	VCID-4auu-re6t-p3gu

vulnerability	VCID-5rae-psy2-dba5

vulnerability	VCID-75re-n41m-y3et

vulnerability	VCID-8ahj-xadv-xbhr

vulnerability	VCID-9j2h-q1n5-kbgt

vulnerability	VCID-d79s-4kzk-hugy

vulnerability	VCID-ftr5-c6nt-gbh4

vulnerability	VCID-m3dg-q4eg-wyfb

vulnerability	VCID-mrst-4yau-ubce

vulnerability	VCID-p8m8-y53c-cubn

vulnerability	VCID-vgwd-1z7m-gkh8

vulnerability	VCID-wxg4-7yap-3qdx

vulnerability	VCID-y9d1-wwne-hba5

vulnerability	VCID-yadx-n3tq-rkdb

vulnerability	VCID-zqqe-vew2-nbfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/typo3-src@4.0.2%252Bdebian-3

url pkg:deb/debian/typo3-src@4.0.2%2Bdebian-9

purl pkg:deb/debian/typo3-src@4.0.2%2Bdebian-9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-133h-9erq-2fhy

vulnerability	VCID-4auu-re6t-p3gu

vulnerability	VCID-5rae-psy2-dba5

vulnerability	VCID-75re-n41m-y3et

vulnerability	VCID-8ahj-xadv-xbhr

vulnerability	VCID-9j2h-q1n5-kbgt

vulnerability	VCID-d79s-4kzk-hugy

vulnerability	VCID-ftr5-c6nt-gbh4

vulnerability	VCID-m3dg-q4eg-wyfb

vulnerability	VCID-mrst-4yau-ubce

vulnerability	VCID-p8m8-y53c-cubn

vulnerability	VCID-vgwd-1z7m-gkh8

vulnerability	VCID-wxg4-7yap-3qdx

vulnerability	VCID-y9d1-wwne-hba5

vulnerability	VCID-yadx-n3tq-rkdb

vulnerability	VCID-zqqe-vew2-nbfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/typo3-src@4.0.2%252Bdebian-9

url pkg:deb/debian/typo3-src@4.2.5-1%2Blenny9

purl pkg:deb/debian/typo3-src@4.2.5-1%2Blenny9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-133h-9erq-2fhy

vulnerability	VCID-4auu-re6t-p3gu

vulnerability	VCID-5rae-psy2-dba5

vulnerability	VCID-75re-n41m-y3et

vulnerability	VCID-8ahj-xadv-xbhr

vulnerability	VCID-9j2h-q1n5-kbgt

vulnerability	VCID-d79s-4kzk-hugy

vulnerability	VCID-ftr5-c6nt-gbh4

vulnerability	VCID-m3dg-q4eg-wyfb

vulnerability	VCID-mrst-4yau-ubce

vulnerability	VCID-p8m8-y53c-cubn

vulnerability	VCID-vgwd-1z7m-gkh8

vulnerability	VCID-wxg4-7yap-3qdx

vulnerability	VCID-y9d1-wwne-hba5

vulnerability	VCID-yadx-n3tq-rkdb

vulnerability	VCID-zqqe-vew2-nbfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/typo3-src@4.2.5-1%252Blenny9

url pkg:deb/debian/typo3-src@4.3.9%2Bdfsg1-1%2Bsqueeze9

purl pkg:deb/debian/typo3-src@4.3.9%2Bdfsg1-1%2Bsqueeze9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-133h-9erq-2fhy

vulnerability	VCID-4auu-re6t-p3gu

vulnerability	VCID-5rae-psy2-dba5

vulnerability	VCID-75re-n41m-y3et

vulnerability	VCID-8ahj-xadv-xbhr

vulnerability	VCID-9j2h-q1n5-kbgt

vulnerability	VCID-d79s-4kzk-hugy

vulnerability	VCID-ftr5-c6nt-gbh4

vulnerability	VCID-m3dg-q4eg-wyfb

vulnerability	VCID-mrst-4yau-ubce

vulnerability	VCID-p8m8-y53c-cubn

vulnerability	VCID-vgwd-1z7m-gkh8

vulnerability	VCID-wxg4-7yap-3qdx

vulnerability	VCID-y9d1-wwne-hba5

vulnerability	VCID-yadx-n3tq-rkdb

vulnerability	VCID-zqqe-vew2-nbfk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/typo3-src@4.3.9%252Bdfsg1-1%252Bsqueeze9

References

reference_url	http://insight-labs.org/?p=738
reference_id
reference_type
scores
url	http://insight-labs.org/?p=738

reference_url	http://packetstormsecurity.com/files/120129/WordPress-Audio-Player-SWF-Cross-Site-Scripting.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/120129/WordPress-Audio-Player-SWF-Cross-Site-Scripting.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1464

reference_id

reference_type

scores

value	0.0352
scoring_system	epss
scoring_elements	0.87675
published_at	2026-04-24T12:55:00Z

value	0.0352
scoring_system	epss
scoring_elements	0.8759
published_at	2026-04-01T12:55:00Z

value	0.0352
scoring_system	epss
scoring_elements	0.876
published_at	2026-04-02T12:55:00Z

value	0.0352
scoring_system	epss
scoring_elements	0.87613
published_at	2026-04-04T12:55:00Z

value	0.0352
scoring_system	epss
scoring_elements	0.87616
published_at	2026-04-07T12:55:00Z

value	0.0352
scoring_system	epss
scoring_elements	0.87635
published_at	2026-04-08T12:55:00Z

value	0.0352
scoring_system	epss
scoring_elements	0.87641
published_at	2026-04-09T12:55:00Z

value	0.0352
scoring_system	epss
scoring_elements	0.87653
published_at	2026-04-11T12:55:00Z

value	0.0352
scoring_system	epss
scoring_elements	0.87647
published_at	2026-04-12T12:55:00Z

value	0.0352
scoring_system	epss
scoring_elements	0.87645
published_at	2026-04-13T12:55:00Z

value	0.0352
scoring_system	epss
scoring_elements	0.8766
published_at	2026-04-18T12:55:00Z

value	0.0352
scoring_system	epss
scoring_elements	0.87658
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1464

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1464
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1464

reference_url	http://secunia.com/advisories/52083
reference_id
reference_type
scores
url	http://secunia.com/advisories/52083

reference_url	http://secunia.com/advisories/58854
reference_id
reference_type
scores
url	http://secunia.com/advisories/58854

reference_url	http://wordpress.org/extend/plugins/audio-player/changelog/
reference_id
reference_type
scores
url	http://wordpress.org/extend/plugins/audio-player/changelog/

reference_url	http://www.securityfocus.com/bid/57848
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/57848

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player::::::::
reference_id	cpe:2.3:a:doryphores:audio_player::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.1.0:::::::*
reference_id	cpe:2.3:a:doryphores:audio_player:2.0.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.2.0:::::::*
reference_id	cpe:2.3:a:doryphores:audio_player:2.0.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.3.0:::::::*
reference_id	cpe:2.3:a:doryphores:audio_player:2.0.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.3.1:::::::*
reference_id	cpe:2.3:a:doryphores:audio_player:2.0.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.4.0:::::::*
reference_id	cpe:2.3:a:doryphores:audio_player:2.0.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.4.1:::::::*
reference_id	cpe:2.3:a:doryphores:audio_player:2.0.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.4.3:::::::*
reference_id	cpe:2.3:a:doryphores:audio_player:2.0.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.4.4:::::::*
reference_id	cpe:2.3:a:doryphores:audio_player:2.0.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:doryphores:audio_player:2.0.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:-:::::::*
reference_id	cpe:2.3:a:wordpress:wordpress:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:-:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-1464

reference_id

CVE-2013-1464

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2013-1464

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/38300.txt
reference_id	CVE-2013-1464;OSVDB-89963
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/38300.txt

reference_url	https://www.securityfocus.com/bid/57848/info
reference_id	CVE-2013-1464;OSVDB-89963
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/57848/info

Weaknesses

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Exploits

date_added	2013-01-31
description	WordPress Plugin Audio Player - 'playerID' Cross-Site Scripting
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2013-01-31
exploit_type	webapps
platform	php
source_date_updated	2015-09-23
data_source	Exploit-DB
source_url	https://www.securityfocus.com/bid/57848/info

Severity_range_score 4.3 - 4.3

Exploitability 2.0

Weighted_severity 3.9

Risk_score 7.8

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wxg4-7yap-3qdx

Vulnerability Instance