Description
The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka "Mass Assignment."
Remediation
References
Related Vulnerabilities
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-1433)
Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9)
WordPress Plugin BetterDocs-Best Documentation & Knowledge Base Cross-Site Scripting (1.8.4)
phpBB Improper Initialization Vulnerability (CVE-2001-1471)
WordPress Plugin Easy Digital Downloads QR Code Cross-Site Scripting (1.1.0)