VulnerableCode Vulnerability Details - VCID-aeeg-apyz-huda

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-aeeg-apyz-huda

Essentials
Severities (19)
References (6)
Severity details (4)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-aeeg-apyz-huda
Aliases	CVE-2013-4320 GHSA-p9jg-9w87-6rg4
Summary	TYPO3 Improper Access Management in the File Abstraction Layer The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.9 and 6.1.x before 6.1.4 does not properly check permissions, which allows remote authenticated users to create or read arbitrary files via a crafted URL.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-284	Improper Access Control
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-264	Permissions, Privileges, and Access Controls
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
epss	0.00129	https://api.first.org/data/v1/epss?cve=CVE-2013-4320
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-p9jg-9w87-6rg4
generic_textual	MODERATE	https://github.com/TYPO3-CMS/core
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2013-4320
generic_textual	MODERATE	https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2013-4320
		https://github.com/TYPO3-CMS/core
		https://nvd.nist.gov/vuln/detail/CVE-2013-4320
		https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003
		https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003/
GHSA-p9jg-9w87-6rg4		https://github.com/advisories/GHSA-p9jg-9w87-6rg4

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.32372
EPSS Score	0.00129
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:11:32.523508+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-p9jg-9w87-6rg4/GHSA-p9jg-9w87-6rg4.json	38.0.0