VulnerableCode Package Details - pkg:composer/typo3/cms-core@4.6.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-bznh-qnh6-23bk Aliases: CVE-2013-7080 GHSA-5fj8-wh3g-qvq2	TYPO3 is vulnerable to Mass Assignment in the Extension table administration library The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka "Mass Assignment."	4.7.16 Affected by 0 other vulnerabilities. 6.0.11 Affected by 0 other vulnerabilities.
VCID-jhzu-e7k8-tygz Aliases: CVE-2013-1843 GHSA-7gxq-5qqc-v3fc	TYPO3 Open redirect vulnerability in the Access tracking mechanism Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.	4.6.17 Affected by 0 other vulnerabilities. 4.7.9 Affected by 0 other vulnerabilities. 6.0.3 Affected by 0 other vulnerabilities.
VCID-zecr-kwwq-z3av Aliases: CVE-2013-1842 GHSA-m64j-j252-jxmr	TYPO3 SQL injection vulnerability in the Extbase Framework SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."	4.6.17 Affected by 0 other vulnerabilities. 4.7.9 Affected by 0 other vulnerabilities. 6.0.3 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-bznh-qnh6-23bk
Aliases:
CVE-2013-7080
GHSA-5fj8-wh3g-qvq2

TYPO3 is vulnerable to Mass Assignment in the Extension table administration library The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka "Mass Assignment."

4.7.16
Affected by 0 other vulnerabilities.

6.0.11
Affected by 0 other vulnerabilities.

VCID-jhzu-e7k8-tygz
Aliases:
CVE-2013-1843
GHSA-7gxq-5qqc-v3fc

TYPO3 Open redirect vulnerability in the Access tracking mechanism Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

4.6.17
Affected by 0 other vulnerabilities.

4.7.9
Affected by 0 other vulnerabilities.

6.0.3
Affected by 0 other vulnerabilities.

VCID-zecr-kwwq-z3av
Aliases:
CVE-2013-1842
GHSA-m64j-j252-jxmr

TYPO3 SQL injection vulnerability in the Extbase Framework SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."

4.6.17
Affected by 0 other vulnerabilities.

4.7.9
Affected by 0 other vulnerabilities.

6.0.3
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T18:13:48.214996+00:00	GitLab Importer	Affected by	VCID-zecr-kwwq-z3av	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms-core/CVE-2013-1842.yml	36.1.3
2025-07-01T18:13:46.738119+00:00	GitLab Importer	Affected by	VCID-bznh-qnh6-23bk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms-core/CVE-2013-7080.yml	36.1.3
2025-07-01T18:13:45.044322+00:00	GitLab Importer	Affected by	VCID-jhzu-e7k8-tygz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms-core/CVE-2013-1843.yml	36.1.3