Skip to main content

Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities that can be detected with Pentest-Tools.com and the exploits that are currently available in the platform.

We detect more than 11.185 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 133 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 11.185

Pentest-Tools.com Vulnerabilities
Name
CVE
Detectable
with
Detection added
Severity
CVSSv3
score
Exploitable
with Sniper
Hotel Booking Lite < 4.8.5 - Arbitrary File Download & Deletion
CVE-2023-5991
Network Scanner

High

9.8No
Embedded JavaScript(EJS) 3.1.6 - Template Injection
CVE-2023-29827
Network Scanner

High

9.8No
Gradio Applications - Local File Read
CVE-2024-1561
Network Scanner

High

7.5No
NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure
CVE-2024-3097
Network Scanner

Medium

5.3No
XWiki - Cross-Site Scripting
CVE-2023-35158
Network Scanner

Medium

6.1No
mooSocial v.3.1.8 - Cross-Site Scripting
CVE-2023-44813
Network Scanner

Medium

6.1No
qdPM 9.2 - Directory Traversal
CVE-2023-45855
Network Scanner

High

7.5No
Roxy Wi - Remote Code Execution
CVE-2022-31137
Network Scanner

High

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)TeamCity - Authentication Bypass
CVE-2024-27198
Network Scanner

High

9.8Yes
Hoteldruid v3.0.5 - SQL Injection
CVE-2023-43374
Network Scanner

High

9.8No
Github Enterprise Authenticated Remote Code Execution
CVE-2024-0200
Network Scanner

High

9.8No
Change Detection - Server Side Template Injection
CVE-2024-32651
Network Scanner

High

10No
User Meta WP Plugin < 3.1 - Sensitive Information Exposure
CVE-2024-33575
Network Scanner

Medium

5.3No
CData API Server < 23.4.8844 - Path Traversal
CVE-2024-31848
Network Scanner

High

9.8No
SOPlanning 1.52.00 Cross Site Scripting
CVE-2024-33724
Network Scanner

Medium

---No
Shield Security WP Plugin <= 18.5.9 - Local File Inclusion
CVE-2023-6989
Network Scanner

High

9.8No
Combo Blocks < 2.2.76 - Improper Access Control
CVE-2024-0881
Network Scanner

Medium

---No
CData Arc < 23.4.8839 - Path Traversal
CVE-2024-31850
Network Scanner

High

8.6No
CData Sync < 23.4.8843 - Path Traversal
CVE-2024-31851
Network Scanner

High

8.6No
Mura/Masa CMS - SQL Injection
CVE-2024-32640
Network Scanner

High

---No
mooSocial v.3.1.8 - Cross-Site Scripting
CVE-2023-44812
Network Scanner

Medium

6.1No
Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE
CVE-2023-4521
Network Scanner

High

9.8No
eyoucms v.1.6.5 - Cross-Site Scripting
CVE-2024-22927
Network Scanner

Medium

6.1No
WordPress Toolbar <= 2.2.6 - Open Redirect
CVE-2023-6389
Network Scanner

Medium

6.1No
Avada < 7.11.7 - Information Disclosure
CVE-2024-2340
Network Scanner

Medium

5.3No