Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities that can be detected with Pentest-Tools.com and the exploits that are currently available in the platform.

We detect more than 11.389 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 141 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 11.389

Pentest-Tools.com Vulnerabilities
Name
CVE
Detectable
with
Detection added
Severity
CVSSv3
score
Exploitable
with Sniper
Magento - XML External Entity InjectionNetwork Scanner

Critical

9.8Yes
Next.js - Server Side Request Forgery (SSRF)Network Scanner

High

7.5No
BlueNet Technology Clinical Browsing System 1.2.1 - Sql InjectionNetwork Scanner

Medium

6.3No
WPS Hide Login < 1.9.16.4 - Hidden Login Page DisclosureNetwork Scanner
---
---No
Linx Sphere - Directory TraversalNetwork Scanner

High

7.5No
NS-ASG Application Security Gateway 6.3 - Sql InjectionNetwork Scanner

Medium

6.3No
XWiki - Open RedirectNetwork Scanner

Medium

6.1No
Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials DisclosureNetwork Scanner

High

7.5No
mojoPortal v.2.7.0.0 - Cross-Site ScriptingNetwork Scanner

Medium

6.1No
JeecgBoot JimuReport - Template injectionNetwork Scanner

Critical

9.8No
ServiceNow - Incomplete Input ValidationNetwork Scanner

Critical

9.8No
MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL InjectionNetwork Scanner

Critical

9.8No
WWBN AVideo 11.6 - Cross-Site ScriptingNetwork Scanner

Medium

6.1No
Chamilo LMS <= 1.11.24 - Remote Code ExecutionNetwork Scanner

Medium

6.1No
TrakSYS 11.x.x - Sensitive Data ExposureNetwork Scanner

Medium

5.3No
Hash Form <= 1.1.0 - Arbitrary File UploadNetwork Scanner

Critical

9.8No
Edito CMS - Sensitive Data LeakNetwork Scanner

High

7.5No
EduSoho < v22.4.7 - Local File Inclusion (CNVD-2023-03903)Network Scanner
---
---No
Leadsec VPN - Arbitrary File Read (CNVD-2021-64035)Network Scanner
---
---No
Label Studio - Sensitive Information ExposureNetwork Scanner

High

7.5No
Ollama - Remote Code ExecutionNetwork Scanner
---
---No
Linksys RE7000 - Command InjectionNetwork Scanner
---
---No
XWiki >= 3.4-milestone-1 - Cross-Site ScriptingNetwork Scanner

Medium

6.1No
Splunk Enterprise - Local File InclusionNetwork Scanner

High

7.5No
XWiki >= 6.2-milestone-1 - Cross-Site ScriptingNetwork Scanner

Medium

6.1No