VulnerableCode Vulnerability Details - VCID-bznh-qnh6-23bk

Search for vulnerabilities

Vulnerability details: VCID-bznh-qnh6-23bk

Essentials
Severities (7)
References (16)
Severity details (5)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-bznh-qnh6-23bk
Aliases	CVE-2013-7080 GHSA-5fj8-wh3g-qvq2
Summary	TYPO3 is vulnerable to Mass Assignment in the Extension table administration library The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka "Mass Assignment."
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00274	https://api.first.org/data/v1/epss?cve=CVE-2013-7080
epss	0.00274	https://api.first.org/data/v1/epss?cve=CVE-2013-7080
generic_textual	MODERATE	http://seclists.org/oss-sec/2013/q4/473
generic_textual	MODERATE	https://github.com/TYPO3-CMS/core
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2013-7080
generic_textual	MODERATE	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
generic_textual	MODERATE	http://www.debian.org/security/2014/dsa-2834

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2013-7080
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081
		http://seclists.org/oss-sec/2013/q4/473
		https://github.com/TYPO3-CMS/core
		https://nvd.nist.gov/vuln/detail/CVE-2013-7080
		http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
		http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
		http://www.debian.org/security/2014/dsa-2834
GHSA-5fj8-wh3g-qvq2		https://github.com/advisories/GHSA-5fj8-wh3g-qvq2

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.50537
EPSS Score	0.00274
Published At	June 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:27:54.825958+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-5fj8-wh3g-qvq2/GHSA-5fj8-wh3g-qvq2.json	36.1.3