Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Owasp Api Bfla Owasp Api Bola Owasp Api Broken Auth Owasp Api Broken Object Prop Auth Owasp Api Dos Owasp Api Improper Inventory Management Owasp Api Misconfiguration Owasp Api Ssrf Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Tornado Improper Input Validation Vulnerability (CVE-2012-2374) CVE-2012-2374 CWE-20 CWE-20 Medium Tornado Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-28476) CVE-2020-28476 CWE-444 CWE-444 High Tornado Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2014-9720) CVE-2014-9720 Medium Tornado URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-28370) CVE-2023-28370 CWE-601 CWE-601 Medium Tornado weak secret key CWE-693 CWE-693 Medium Total.js Directory Traversal (CVE-2019-8903) CVE-2019-8903 CWE-22 CWE-22 High Trac CVE-2009-4405 Vulnerability (CVE-2009-4405) CVE-2009-4405 High Trace.axd Detected CWE-215 CWE-215 High TRACE Method enabled CWE-489 CWE-489 Low Trac Incorrect Default Permissions Vulnerability (CVE-2010-5108) CVE-2010-5108 CWE-276 CWE-276 High TRACK Method enabled CWE-489 CWE-489 Low Trac URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2008-2951) CVE-2008-2951 CWE-601 CWE-601 Medium Tracy debugging tool enabled CWE-200 CWE-200 Medium Trojan shell script CWE-507 CWE-507 High TwistedHTTP Request Splitting Vulnerability (CVE-2020-10108) CVE-2020-10108 Critical TwistedHTTP Request Splitting Vulnerability (CVE-2020-10109) CVE-2020-10109 Critical Twisted Web HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-21716) CVE-2022-21716 CWE-120 CWE-120 High Twisted Web HTTP Server Direct Request ('Forced Browsing') Vulnerability (CVE-2016-1000111) CVE-2016-1000111 CWE-425 CWE-425 Medium Twisted Web HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-21712) CVE-2022-21712 CWE-200 CWE-200 High Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2014-7143) CVE-2014-7143 CWE-295 CWE-295 High Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2019-12855) CVE-2019-12855 CWE-295 CWE-295 High Twisted Web HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-39348) CVE-2022-39348 CWE-707 CWE-707 Medium Twisted Web HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-12387) CVE-2019-12387 CWE-138 CWE-138 Medium Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-46137) CVE-2023-46137 Medium Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-24801) CVE-2022-24801 CWE-444 CWE-444 High TYPO3 7PK - Security Features Vulnerability (CVE-2016-5091) CVE-2016-5091 High Typo3 Admin publicly accessible CWE-200 CWE-200 Informational TYPO3 Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-36104) CVE-2022-36104 CWE-770 CWE-770 High TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-26228) CVE-2020-26228 CWE-312 CWE-312 High TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-21339) CVE-2021-21339 CWE-312 CWE-312 High TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2017-6370) CVE-2017-6370 CWE-319 CWE-319 Medium TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-31046) CVE-2022-31046 CWE-319 CWE-319 Medium Typo3 core sanitizeLocalUrl() non-persistent cross-site scripting CVE-2015-5956 CWE-79 CWE-79 High TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-3633) CVE-2009-3633 CWE-352 CWE-352 Medium TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11069) CVE-2020-11069 CWE-352 CWE-352 High TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-41113) CVE-2021-41113 CWE-352 CWE-352 High TYPO3 Cryptographic Issues Vulnerability (CVE-2009-0255) CVE-2009-0255 Medium TYPO3 Cryptographic Issues Vulnerability (CVE-2012-3527) CVE-2012-3527 Medium TYPO3 Cryptographic Issues Vulnerability (CVE-2013-7075) CVE-2013-7075 Medium TYPO3 CVE-2010-0286 Vulnerability (CVE-2010-0286) CVE-2010-0286 Medium TYPO3 CVE-2013-7080 Vulnerability (CVE-2013-7080) CVE-2013-7080 Medium TYPO3 CVE-2023-38499 Vulnerability (CVE-2023-38499) CVE-2023-38499 Medium TYPO3 CVE-2023-47126 Vulnerability (CVE-2023-47126) CVE-2023-47126 Medium TYPO3 CVE-2024-25118 Vulnerability (CVE-2024-25118) CVE-2024-25118 Medium TYPO3 CVE-2024-25119 Vulnerability (CVE-2024-25119) CVE-2024-25119 Medium TYPO3 CVE-2024-25120 Vulnerability (CVE-2024-25120) CVE-2024-25120 Medium TYPO3 CVE-2024-25121 Vulnerability (CVE-2024-25121) CVE-2024-25121 High Typo3 debug mode enabled CWE-200 CWE-200 Low TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-12747) CVE-2019-12747 CWE-502 CWE-502 Critical TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849) CVE-2019-19849 CWE-502 CWE-502 High TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-11067) CVE-2020-11067 CWE-502 CWE-502 High TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-15098) CVE-2020-15098 CWE-502 CWE-502 High TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-4875) CVE-2005-4875 CWE-200 CWE-200 High TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0815) CVE-2009-0815 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3628) CVE-2009-3628 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3664) CVE-2010-3664 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3673) CVE-2010-3673 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5104) CVE-2010-5104 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4627) CVE-2011-4627 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4900) CVE-2011-4900 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4901) CVE-2011-4901 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1607) CVE-2012-1607 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3529) CVE-2012-3529 CWE-200 CWE-200 Low TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3946) CVE-2014-3946 CWE-200 CWE-200 Medium TYPO3 Files or Directories Accessible to External Parties Vulnerability (CVE-2021-21355) CVE-2021-21355 CWE-552 CWE-552 High TYPO3 Improper Authentication Vulnerability (CVE-2009-0256) CVE-2009-0256 CWE-287 CWE-287 High TYPO3 Improper Authentication Vulnerability (CVE-2009-3635) CVE-2009-3635 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2011-4628) CVE-2011-4628 CWE-287 CWE-287 Critical TYPO3 Improper Authentication Vulnerability (CVE-2014-3944) CVE-2014-3944 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2014-3945) CVE-2014-3945 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2015-2047) CVE-2015-2047 CWE-287 CWE-287 Low TYPO3 Improper Authentication Vulnerability (CVE-2022-23501) CVE-2022-23501 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2022-36106) CVE-2022-36106 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2023-47127) CVE-2023-47127 CWE-287 CWE-287 Medium TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631) CVE-2009-3631 CWE-94 CWE-94 High 1...174175176177...307 175 / 307
