Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

CMS

TYPO3

TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets. It offers full flexibility and extendability while featuring an accomplished set of ready-made interfaces functions and modules.

Official Site:

https://typo3.org/

Severity Summary:

Critical: 5 High: 33 Medium: 127 Low: 18
Reference
Title
Severity
CVE-2016-5091
TYPO3 7PK - Security Features Vulnerability
High
CVE-2019-19850
TYPO3 Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2019-11832
TYPO3 Improper Input Validation Vulnerability
High
CVE-2022-23503
TYPO3 Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2020-11069
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2020-26228
TYPO3 Cleartext Storage of Sensitive Information Vulnerability
High
CVE-2024-25121
TYPO3 Vulnerability
High
CVE-2020-11067
TYPO3 Deserialization of Untrusted Data Vulnerability
High
CVE-2009-3628
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2008-6699
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2009-0816
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2009-0257
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2009-0815
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2024-25118
TYPO3 Vulnerability
Medium
CVE-2009-0255
TYPO3 Cryptographic Issues Vulnerability
Medium
CVE-2008-5656
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2009-3630
TYPO3 Other Vulnerability
Medium
CVE-2009-3635
TYPO3 Improper Authentication Vulnerability
Medium
CVE-2009-3632
TYPO3 Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Medium
CVE-2010-3715
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2010-5102
TYPO3 Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2010-5101
TYPO3 Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2011-4614
TYPO3 Improper Control of Generation of Code (Code Injection) Vulnerability
Medium
CVE-2010-4068
TYPO3 Improper Input Validation Vulnerability
Medium
CVE-2010-3717
TYPO3 Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2010-3716
TYPO3 Improper Input Validation Vulnerability
Medium
CVE-2024-25120
TYPO3 Vulnerability
Medium
CVE-2009-3633
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2024-25119
TYPO3 Vulnerability
Medium
CVE-2010-1153
TYPO3 Improper Control of Generation of Code (Code Injection) Vulnerability
Medium