Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081)

Description

The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.

Remediation

References

Related Vulnerabilities

phpMyAdmin Other Vulnerability (CVE-2006-1258)

WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.21)

Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.5)

WordPress Plugin Captcha by BestWebSoft SQL Injection (4.1.7)

IBM RTC Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7440)

Severity

Medium

Classification

CVE-2013-7081 CWE-264

Tags

Missing Update Known Vulnerabilities