Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-46137) CVE-2023-46137 Medium Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-24801) CVE-2022-24801 CWE-444 CWE-444 High TYPO3 7PK - Security Features Vulnerability (CVE-2016-5091) CVE-2016-5091 High Typo3 Admin publicly accessible CWE-200 CWE-200 Informational TYPO3 Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-36104) CVE-2022-36104 CWE-770 CWE-770 High TYPO3 Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-34358) CVE-2024-34358 CWE-770 CWE-770 Medium TYPO3 Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2025-47941) CVE-2025-47941 CWE-288 CWE-288 High TYPO3 Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-7900) CVE-2025-7900 CWE-639 CWE-639 Medium TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-26228) CVE-2020-26228 CWE-312 CWE-312 High TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-21339) CVE-2021-21339 CWE-312 CWE-312 High TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2026-6553) CVE-2026-6553 CWE-312 CWE-312 High TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2017-6370) CVE-2017-6370 CWE-319 CWE-319 Medium TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-31046) CVE-2022-31046 CWE-319 CWE-319 Medium Typo3 core sanitizeLocalUrl() non-persistent cross-site scripting CVE-2015-5956 CWE-79 CWE-79 High TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-3633) CVE-2009-3633 CWE-352 CWE-352 Medium TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11069) CVE-2020-11069 CWE-352 CWE-352 High TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-41113) CVE-2021-41113 CWE-352 CWE-352 High TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55894) CVE-2024-55894 CWE-352 CWE-352 Medium TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55924) CVE-2024-55924 CWE-352 CWE-352 High TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-55945) CVE-2024-55945 CWE-352 CWE-352 Medium TYPO3 Cryptographic Issues Vulnerability (CVE-2009-0255) CVE-2009-0255 Medium TYPO3 Cryptographic Issues Vulnerability (CVE-2012-3527) CVE-2012-3527 Medium TYPO3 Cryptographic Issues Vulnerability (CVE-2013-7075) CVE-2013-7075 Medium TYPO3 CVE-2010-0286 Vulnerability (CVE-2010-0286) CVE-2010-0286 Medium TYPO3 CVE-2013-7080 Vulnerability (CVE-2013-7080) CVE-2013-7080 Medium TYPO3 CVE-2023-38499 Vulnerability (CVE-2023-38499) CVE-2023-38499 Medium TYPO3 CVE-2023-47126 Vulnerability (CVE-2023-47126) CVE-2023-47126 Medium TYPO3 CVE-2024-25118 Vulnerability (CVE-2024-25118) CVE-2024-25118 Medium TYPO3 CVE-2024-25119 Vulnerability (CVE-2024-25119) CVE-2024-25119 Medium TYPO3 CVE-2024-25120 Vulnerability (CVE-2024-25120) CVE-2024-25120 Medium TYPO3 CVE-2024-25121 Vulnerability (CVE-2024-25121) CVE-2024-25121 High TYPO3 CVE-2024-34537 Vulnerability (CVE-2024-34537) CVE-2024-34537 Medium Typo3 debug mode enabled CWE-200 CWE-200 Low TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-12747) CVE-2019-12747 CWE-502 CWE-502 Critical TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849) CVE-2019-19849 CWE-502 CWE-502 High TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-11067) CVE-2020-11067 CWE-502 CWE-502 High TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-15098) CVE-2020-15098 CWE-502 CWE-502 High TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2026-0859) CVE-2026-0859 CWE-502 CWE-502 High TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55893) CVE-2024-55893 CWE-749 CWE-749 Medium TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55920) CVE-2024-55920 CWE-749 CWE-749 Medium TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55921) CVE-2024-55921 CWE-749 CWE-749 High TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55922) CVE-2024-55922 CWE-749 CWE-749 Medium TYPO3 Exposed Dangerous Method or Function Vulnerability (CVE-2024-55923) CVE-2024-55923 CWE-749 CWE-749 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-4875) CVE-2005-4875 CWE-200 CWE-200 High TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0815) CVE-2009-0815 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3628) CVE-2009-3628 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3664) CVE-2010-3664 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3673) CVE-2010-3673 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5104) CVE-2010-5104 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4627) CVE-2011-4627 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4900) CVE-2011-4900 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4901) CVE-2011-4901 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1607) CVE-2012-1607 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3529) CVE-2012-3529 CWE-200 CWE-200 Low TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3946) CVE-2014-3946 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-59018) CVE-2025-59018 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-59019) CVE-2025-59019 CWE-200 CWE-200 Medium TYPO3 Files or Directories Accessible to External Parties Vulnerability (CVE-2021-21355) CVE-2021-21355 CWE-552 CWE-552 High TYPO3 Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-59016) CVE-2025-59016 CWE-209 CWE-209 Medium TYPO3 Improper Authentication Vulnerability (CVE-2009-0256) CVE-2009-0256 CWE-287 CWE-287 High TYPO3 Improper Authentication Vulnerability (CVE-2009-3635) CVE-2009-3635 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2011-4628) CVE-2011-4628 CWE-287 CWE-287 Critical TYPO3 Improper Authentication Vulnerability (CVE-2014-3944) CVE-2014-3944 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2014-3945) CVE-2014-3945 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2015-2047) CVE-2015-2047 CWE-287 CWE-287 Low TYPO3 Improper Authentication Vulnerability (CVE-2022-23501) CVE-2022-23501 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2022-36106) CVE-2022-36106 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2023-47127) CVE-2023-47127 CWE-287 CWE-287 Medium TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631) CVE-2009-3631 CWE-94 CWE-94 High TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1153) CVE-2010-1153 CWE-94 CWE-94 Medium TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4614) CVE-2011-4614 CWE-94 CWE-94 Medium TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-4321) CVE-2013-4321 CWE-94 CWE-94 Medium TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3942) CVE-2014-3942 CWE-94 CWE-94 Medium TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-23503) CVE-2022-23503 CWE-94 CWE-94 High TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-22188) CVE-2024-22188 CWE-94 CWE-94 High 1...193194195196...327 194 / 327
