Skip to main content

Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities that can be detected with Pentest-Tools.com and the exploits that are currently available in the platform.

We detect more than 11.389 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 141 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 11.389

Pentest-Tools.com Vulnerabilities
Name
CVE
Detectable
with
Detection added
Severity
CVSSv3
score
Exploitable
with Sniper
Magento - XML External Entity Injection
CVE-2024-34102
Network Scanner

Critical

9.8Yes
Next.js - Server Side Request Forgery (SSRF)
CVE-2024-34351
Network Scanner

High

7.5No
BlueNet Technology Clinical Browsing System 1.2.1 - Sql Injection
CVE-2024-4257
Network Scanner

Medium

6.3No
WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure
CVE-2024-6289
Network Scanner
---
---No
Linx Sphere - Directory Traversal
CVE-2022-45269
Network Scanner

High

7.5No
NS-ASG Application Security Gateway 6.3 - Sql Injection
CVE-2024-2330
Network Scanner

Medium

6.3No
XWiki - Open Redirect
CVE-2023-29204
Network Scanner

Medium

6.1No
Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure
CVE-2024-3742
Network Scanner

High

7.5No
mojoPortal v.2.7.0.0 - Cross-Site Scripting
CVE-2023-44012
Network Scanner

Medium

6.1No
JeecgBoot JimuReport - Template injection
CVE-2023-4450
Network Scanner

Critical

9.8No
ServiceNow - Incomplete Input Validation
CVE-2024-5217
Network Scanner

Critical

9.8No
MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection
CVE-2024-1512
Network Scanner

Critical

9.8No
WWBN AVideo 11.6 - Cross-Site Scripting
CVE-2023-48728
Network Scanner

Medium

6.1No
Chamilo LMS <= 1.11.24 - Remote Code Execution
CVE-2023-4220
Network Scanner

Medium

6.1No
TrakSYS 11.x.x - Sensitive Data Exposure
CVE-2024-6188
Network Scanner

Medium

5.3No
Hash Form <= 1.1.0 - Arbitrary File Upload
CVE-2024-5084
Network Scanner

Critical

9.8No
Edito CMS - Sensitive Data Leak
CVE-2024-4836
Network Scanner

High

7.5No
EduSoho < v22.4.7 - Local File Inclusion (CNVD-2023-03903)
CNVD-2023-03903
Network Scanner
---
---No
Leadsec VPN - Arbitrary File Read (CNVD-2021-64035)
CNVD-2021-64035
Network Scanner
---
---No
Label Studio - Sensitive Information Exposure
CVE-2023-47117
Network Scanner

High

7.5No
Ollama - Remote Code Execution
CVE-2024-37032
Network Scanner
---
---No
Linksys RE7000 - Command Injection
CVE-2024-25852
Network Scanner
---
---No
XWiki >= 3.4-milestone-1 - Cross-Site Scripting
CVE-2023-35159
Network Scanner

Medium

6.1No
Splunk Enterprise - Local File Inclusion
CVE-2024-36991
Network Scanner

High

7.5No
XWiki >= 6.2-milestone-1 - Cross-Site Scripting
CVE-2023-35161
Network Scanner

Medium

6.1No