Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Xss - Known Vulnerabilities Vulnerability Name CVE CWE CWE Severity TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21911) CVE-2024-21911 CWE-707 CWE-707 Medium TLS/SSL certificate key size too small CWE-310 CWE-310 Medium TLS/SSL LOGJAM attack CVE-2015-4000 CWE-310 CWE-310 Medium TLS/SSL Sweet32 attack CVE-2016-2183 CVE-2016-6329 CWE-310 CWE-310 Medium TLS/SSL Weak Cipher Suites CWE-310 CWE-310 Medium Tornado debug mode CWE-489 CWE-489 Medium Tornado Improper Input Validation Vulnerability (CVE-2012-2374) CVE-2012-2374 CWE-20 CWE-20 Medium Tornado Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2014-9720) CVE-2014-9720 Medium Tornado URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-28370) CVE-2023-28370 CWE-601 CWE-601 Medium Tornado weak secret key CWE-693 CWE-693 Medium Trac URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2008-2951) CVE-2008-2951 CWE-601 CWE-601 Medium Tracy debugging tool enabled CWE-200 CWE-200 Medium Twisted Web HTTP Server Direct Request ('Forced Browsing') Vulnerability (CVE-2016-1000111) CVE-2016-1000111 CWE-425 CWE-425 Medium Twisted Web HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-39348) CVE-2022-39348 CWE-707 CWE-707 Medium Twisted Web HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-12387) CVE-2019-12387 CWE-138 CWE-138 Medium Twisted Web HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-46137) CVE-2023-46137 Medium TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2017-6370) CVE-2017-6370 CWE-319 CWE-319 Medium TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-31046) CVE-2022-31046 CWE-319 CWE-319 Medium TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-3633) CVE-2009-3633 CWE-352 CWE-352 Medium TYPO3 Cryptographic Issues Vulnerability (CVE-2009-0255) CVE-2009-0255 Medium TYPO3 Cryptographic Issues Vulnerability (CVE-2012-3527) CVE-2012-3527 Medium TYPO3 Cryptographic Issues Vulnerability (CVE-2013-7075) CVE-2013-7075 Medium TYPO3 CVE-2010-0286 Vulnerability (CVE-2010-0286) CVE-2010-0286 Medium TYPO3 CVE-2013-7080 Vulnerability (CVE-2013-7080) CVE-2013-7080 Medium TYPO3 CVE-2023-38499 Vulnerability (CVE-2023-38499) CVE-2023-38499 Medium TYPO3 CVE-2023-47126 Vulnerability (CVE-2023-47126) CVE-2023-47126 Medium TYPO3 CVE-2024-25118 Vulnerability (CVE-2024-25118) CVE-2024-25118 Medium TYPO3 CVE-2024-25119 Vulnerability (CVE-2024-25119) CVE-2024-25119 Medium TYPO3 CVE-2024-25120 Vulnerability (CVE-2024-25120) CVE-2024-25120 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0815) CVE-2009-0815 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3628) CVE-2009-3628 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3664) CVE-2010-3664 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3673) CVE-2010-3673 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5104) CVE-2010-5104 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4627) CVE-2011-4627 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4900) CVE-2011-4900 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4901) CVE-2011-4901 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1607) CVE-2012-1607 CWE-200 CWE-200 Medium TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3946) CVE-2014-3946 CWE-200 CWE-200 Medium TYPO3 Improper Authentication Vulnerability (CVE-2009-3635) CVE-2009-3635 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2014-3944) CVE-2014-3944 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2014-3945) CVE-2014-3945 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2022-23501) CVE-2022-23501 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2022-36106) CVE-2022-36106 CWE-287 CWE-287 Medium TYPO3 Improper Authentication Vulnerability (CVE-2023-47127) CVE-2023-47127 CWE-287 CWE-287 Medium TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1153) CVE-2010-1153 CWE-94 CWE-94 Medium TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4614) CVE-2011-4614 CWE-94 CWE-94 Medium TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-4321) CVE-2013-4321 CWE-94 CWE-94 Medium TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3942) CVE-2014-3942 CWE-94 CWE-94 Medium TYPO3 Improper Input Validation Vulnerability (CVE-2010-3667) CVE-2010-3667 CWE-20 CWE-20 Medium TYPO3 Improper Input Validation Vulnerability (CVE-2010-3716) CVE-2010-3716 CWE-20 CWE-20 Medium TYPO3 Improper Input Validation Vulnerability (CVE-2010-4068) CVE-2010-4068 CWE-20 CWE-20 Medium TYPO3 Improper Input Validation Vulnerability (CVE-2010-5099) CVE-2010-5099 CWE-20 CWE-20 Medium TYPO3 Improper Input Validation Vulnerability (CVE-2011-4902) CVE-2011-4902 CWE-20 CWE-20 Medium TYPO3 Improper Input Validation Vulnerability (CVE-2011-4904) CVE-2011-4904 CWE-20 CWE-20 Medium TYPO3 Improper Input Validation Vulnerability (CVE-2012-1608) CVE-2012-1608 CWE-20 CWE-20 Medium TYPO3 Improper Input Validation Vulnerability (CVE-2013-4250) CVE-2013-4250 CWE-20 CWE-20 Medium TYPO3 Improper Input Validation Vulnerability (CVE-2013-7079) CVE-2013-7079 CWE-20 CWE-20 Medium TYPO3 Improper Input Validation Vulnerability (CVE-2014-3941) CVE-2014-3941 CWE-20 CWE-20 Medium TYPO3 Improper Input Validation Vulnerability (CVE-2015-8760) CVE-2015-8760 CWE-20 CWE-20 Medium TYPO3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2010-5101) CVE-2010-5101 CWE-22 CWE-22 Medium TYPO3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2010-5102) CVE-2010-5102 CWE-22 CWE-22 Medium TYPO3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-30451) CVE-2023-30451 CWE-22 CWE-22 Medium TYPO3 Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2014-9508) CVE-2014-9508 CWE-59 CWE-59 Medium TYPO3 Improper Neutralization of HTTP Headers for Scripting Syntax Vulnerability (CVE-2021-41114) CVE-2021-41114 CWE-644 CWE-644 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2718) CVE-2008-2718 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5644) CVE-2008-5644 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5656) CVE-2008-5656 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6699) CVE-2008-6699 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0257) CVE-2009-0257 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0816) CVE-2009-0816 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3634) CVE-2009-3634 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3636) CVE-2009-3636 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3659) CVE-2010-3659 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3660) CVE-2010-3660 CWE-707 CWE-707 Medium 1...979899100...109 98 / 109
