VulnerableCode Package Details - pkg:composer/typo3/cms@6.1.6

Search for packages

Vulnerability	Summary	Fixed by
VCID-p8m8-y53c-cubn Aliases: CVE-2013-7073 GHSA-4rpv-g4gq-rh4m	TYPO3 vulnerable to Information Disclosure via Content Editing Wizards component The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters.	6.1.7 Affected by 0 other vulnerabilities.
VCID-y9d1-wwne-hba5 Aliases: CVE-2013-7074 GHSA-r8m7-792j-5jvq	several	6.1.7 Affected by 0 other vulnerabilities.
VCID-zqqe-vew2-nbfk Aliases: CVE-2013-7075 GHSA-47ww-mq32-g4xw	TYPO3 vulnerable to Insecure Unserialize via Content Editing Wizards component The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated backend users to unserialize arbitrary PHP objects, delete arbitrary files, and possibly have other unspecified impacts via an unspecified parameter, related to a "missing signature."	6.1.7 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-p8m8-y53c-cubn
Aliases:
CVE-2013-7073
GHSA-4rpv-g4gq-rh4m

TYPO3 vulnerable to Information Disclosure via Content Editing Wizards component The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters.

6.1.7
Affected by 0 other vulnerabilities.

VCID-y9d1-wwne-hba5
Aliases:
CVE-2013-7074
GHSA-r8m7-792j-5jvq

several

6.1.7
Affected by 0 other vulnerabilities.

VCID-zqqe-vew2-nbfk
Aliases:
CVE-2013-7075
GHSA-47ww-mq32-g4xw

TYPO3 vulnerable to Insecure Unserialize via Content Editing Wizards component The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated backend users to unserialize arbitrary PHP objects, delete arbitrary files, and possibly have other unspecified impacts via an unspecified parameter, related to a "missing signature."

6.1.7
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-04T14:31:45.285266+00:00	GHSA Importer	Affected by	VCID-zqqe-vew2-nbfk	https://github.com/advisories/GHSA-47ww-mq32-g4xw	38.1.0
2026-04-04T14:31:32.471388+00:00	GHSA Importer	Affected by	VCID-p8m8-y53c-cubn	https://github.com/advisories/GHSA-4rpv-g4gq-rh4m	38.1.0
2026-04-04T14:31:11.987114+00:00	GHSA Importer	Affected by	VCID-y9d1-wwne-hba5	https://github.com/advisories/GHSA-r8m7-792j-5jvq	38.1.0
2026-04-03T21:26:08.272727+00:00	GitLab Importer	Affected by	VCID-zqqe-vew2-nbfk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/CVE-2013-7075.yml	38.1.0
2026-04-03T21:26:02.291175+00:00	GitLab Importer	Affected by	VCID-y9d1-wwne-hba5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/CVE-2013-7074.yml	38.1.0
2026-04-01T12:50:43.211877+00:00	GitLab Importer	Affected by	VCID-p8m8-y53c-cubn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/CVE-2013-7073.yml	38.0.0