v.26.4.2314
Web Application Vulnerabilities
This page lists 24342 vulnerabilities in 62 categories.
Critical: 1593
High: 13071
Medium: 8734
Low: 875
Information: 69
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-34357) | CVE-2024-34357 | CWE-707 | Medium |
| TYPO3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2010-3668) | CVE-2010-3668 | CWE-138 | High |
| TYPO3 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-23504) | CVE-2022-23504 | CWE-138 | Medium |
| TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-6381) | CVE-2007-6381 | CWE-138 | Medium |
| TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-3632) | CVE-2009-3632 | CWE-138 | Medium |
| TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4855) | CVE-2009-4855 | CWE-138 | High |
| TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-3662) | CVE-2010-3662 | CWE-138 | High |
| TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-5103) | CVE-2010-5103 | CWE-138 | Medium |
| TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-3583) | CVE-2011-3583 | CWE-138 | Critical |
| TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6144) | CVE-2012-6144 | CWE-138 | Medium |
| TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1842) | CVE-2013-1842 | CWE-138 | High |
| TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19850) | CVE-2019-19850 | CWE-138 | High |
| TYPO3 Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-26229) | CVE-2020-26229 | CWE-611 | Low |
| TYPO3 Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2020-11066) | CVE-2020-11066 | CWE-915 | Critical |
| TYPO3 Inadequate Encryption Strength Vulnerability (CVE-2010-3670) | CVE-2010-3670 | CWE-326 | Medium |
| TYPO3 Incorrect Authorization Vulnerability (CVE-2024-47780) | CVE-2024-47780 | CWE-863 | Medium |
| TYPO3 Incorrect Authorization Vulnerability (CVE-2025-47937) | CVE-2025-47937 | CWE-863 | Medium |
| TYPO3 Incorrect Authorization Vulnerability (CVE-2025-59020) | CVE-2025-59020 | CWE-863 | Medium |
| TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2021-32767) | CVE-2021-32767 | CWE-532 | Medium |
| TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047) | CVE-2022-31047 | CWE-532 | Medium |
| TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-55891) | CVE-2024-55891 | CWE-532 | Medium |
| Typo3 Install Tool publicly accessible | - | CWE-200 | Medium |
| TYPO3 Insufficient Entropy Vulnerability (CVE-2025-59015) | CVE-2025-59015 | CWE-331 | Medium |
| TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-23502) | CVE-2022-23502 | CWE-613 | Medium |
| TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-31050) | CVE-2022-31050 | CWE-613 | High |
| TYPO3 Missing Authorization Vulnerability (CVE-2025-59017) | CVE-2025-59017 | CWE-862 | High |
| TYPO3 Missing Authorization Vulnerability (CVE-2025-59021) | CVE-2025-59021 | CWE-862 | Medium |
| TYPO3 Missing Authorization Vulnerability (CVE-2025-59022) | CVE-2025-59022 | CWE-862 | High |
| TYPO3 Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-11063) | CVE-2020-11063 | - | Low |
| TYPO3 Observable Discrepancy Vulnerability (CVE-2022-36105) | CVE-2022-36105 | CWE-203 | Medium |
| TYPO3 Other Vulnerability (CVE-2006-0327) | CVE-2006-0327 | - | Medium |
| TYPO3 Other Vulnerability (CVE-2006-5069) | CVE-2006-5069 | - | Low |
| TYPO3 Other Vulnerability (CVE-2006-6690) | CVE-2006-6690 | - | High |
| TYPO3 Other Vulnerability (CVE-2007-1081) | CVE-2007-1081 | - | High |
| TYPO3 Other Vulnerability (CVE-2009-3630) | CVE-2009-3630 | - | Medium |
| TYPO3 Other Vulnerability (CVE-2012-1605) | CVE-2012-1605 | - | Medium |
| TYPO3 Other Vulnerability (CVE-2012-3530) | CVE-2012-3530 | - | Medium |
| TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2717) | CVE-2008-2717 | CWE-264 | Medium |
| TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3714) | CVE-2010-3714 | CWE-264 | High |
| TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3717) | CVE-2010-3717 | CWE-264 | Medium |
| TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6146) | CVE-2012-6146 | CWE-264 | Medium |
| TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4320) | CVE-2013-4320 | CWE-264 | Medium |
| TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7073) | CVE-2013-7073 | CWE-264 | Medium |
| TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081) | CVE-2013-7081 | CWE-264 | Medium |
| TYPO3 Resource Management Errors Vulnerability (CVE-2013-1843) | CVE-2013-1843 | - | Medium |
| Typo3 Restler 1.7.0 Local File Disclosure | - | CWE-22 | High |
| Typo3 sensitive files | - | CWE-200 | Low |
| TYPO3 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-47936) | CVE-2025-47936 | CWE-918 | Medium |
| TYPO3 Session Fixation Vulnerability (CVE-2010-3671) | CVE-2010-3671 | CWE-384 | Medium |
| TYPO3 Uncaught Exception Vulnerability (CVE-2025-59014) | CVE-2025-59014 | CWE-248 | Low |
| TYPO3 Uncontrolled Recursion Vulnerability (CVE-2021-21359) | CVE-2021-21359 | CWE-674 | High |
| TYPO3 Uncontrolled Recursion Vulnerability (CVE-2022-23500) | CVE-2022-23500 | CWE-674 | High |
| TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663) | CVE-2010-3663 | CWE-434 | High |
| TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-14251) | CVE-2017-14251 | CWE-434 | High |
| TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21357) | CVE-2021-21357 | CWE-434 | High |
| TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2025-47939) | CVE-2025-47939 | CWE-434 | Medium |
| TYPO3 Unverified Ownership Vulnerability (CVE-2025-47940) | CVE-2025-47940 | CWE-283 | High |
| TYPO3 Unverified Password Change Vulnerability (CVE-2025-47938) | CVE-2025-47938 | CWE-620 | Low |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3661) | CVE-2010-3661 | CWE-601 | Medium |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3669) | CVE-2010-3669 | CWE-601 | Medium |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15241) | CVE-2020-15241 | CWE-601 | Medium |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-21338) | CVE-2021-21338 | CWE-601 | Medium |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-55892) | CVE-2024-55892 | CWE-601 | Medium |
| TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2025-59013) | CVE-2025-59013 | CWE-601 | Medium |
| TYPO3 Use of Insufficiently Random Values Vulnerability (CVE-2010-3666) | CVE-2010-3666 | CWE-330 | Medium |
| UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229) | CVE-2021-4229 | CWE-829 | High |
| UAParser.js Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25927) | CVE-2022-25927 | CWE-1333 | High |
| UAParser.js Other Vulnerability (CVE-2020-7793) | CVE-2020-7793 | - | Medium |
| UAParser.js Other Vulnerability (CVE-2021-27292) | CVE-2021-27292 | - | High |
| UAParser.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-7733) | CVE-2020-7733 | CWE-400 | Medium |
| Ubiquiti Unifi Log4Shell RCE | CVE-2021-44228 | CWE-78 | High |
| Umbraco CMS local file inclusion | - | CWE-98 | High |
| Umbraco CMS remote code execution | - | CWE-94 | High |
| Umbraco CMS TemplateService remote code execution | CVE-2013-4793 | CWE-94 | High |
| Unauthenticated Access to Sensitive Functions | - | CWE-306 | High |