Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities that can be detected with Pentest-Tools.com and the exploits that are currently available in the platform.

We detect more than 11.144 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 131 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 11.144

Pentest-Tools.com Vulnerabilities
Name	CVE	Detectable with	Detection added	Severity	CVSSv3 score	Exploitable with Sniper
Gradio - Server Side Request Forgery	CVE-2024-1183	Network Scanner	Apr 26, 2024	Medium	6.5	No
Modoboa < 2.1.0 - Improper Authorization	CVE-2023-2227	Network Scanner	Apr 26, 2024	High	9.1	No
Sidekiq < 7.0.8 - Cross-Site Scripting	CVE-2023-1892	Network Scanner	Apr 26, 2024	High	8.3	No
RaidenMAILD Mail Server v.4.9.4 - Path Traversal	CVE-2024-32399	Network Scanner	Apr 26, 2024	High	---	No
OpenEMR < 7.0.1 - Cross-Site Scripting	CVE-2023-2948	Network Scanner	Apr 24, 2024	Medium	6.1	No
Academy LMS 6.2 - Cross-Site Scripting	CVE-2023-4973	Network Scanner	Apr 24, 2024	Medium	6.1	No
Flowise 1.6.5 - Authentication Bypass	CVE-2024-31621	Network Scanner	Apr 24, 2024	High	---	No
Cassia Gateway Firmware - Remote Code Execution	CVE-2023-31446	Network Scanner	Apr 24, 2024	High	9.8	No
OpenEMR < 7.0.1 - Cross-site Scripting	CVE-2023-2949	Network Scanner	Apr 24, 2024	Medium	6.1	No
Progress Kemp Flowmon - Command Injection	CVE-2024-2389	Network Scanner	Apr 22, 2024	High	10	No
GlobalProtect - OS Command Injection	CVE-2024-3400	Network Scanner	Apr 17, 2024	High	10	No
AudioCodes Device Manager Express - SQL Injection	CVE-2022-24627	Network Scanner	Apr 17, 2024	High	9.8	No
LoadMaster - Remote Code Execution	CVE-2024-1212	Network Scanner	Apr 16, 2024	High	10	Yes
OpenSSH Terrapin Attack - Detection	CVE-2023-48795	Network Scanner	Apr 16, 2024	Medium	5.9	No
GoAnywhere MFT - Authentication Bypass	CVE-2024-0204	Network Scanner	Apr 16, 2024	High	9.8	Yes
ReCrystallize Server - Authentication Bypass	CVE-2024-26331	Network Scanner	Apr 13, 2024	High	---	No
Popup by Supsystic < 1.10.9 - Subscriber Email Addresses Disclosure	CVE-2022-0424	Network Scanner	Apr 11, 2024	Medium	5.3	No
Travelpayouts <= 1.1.16 - Open Redirect	CVE-2024-0337	Network Scanner	Apr 11, 2024	Medium	---	No
WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection	CVE-2024-2879	Network Scanner	Apr 10, 2024	High	9.8	No
D-Link Network Attached Storage - Command Injection and Backdoor Account	CVE-2024-3273	Network Scanner	Apr 10, 2024	High	7.3	No
Text4Shell - Remote Code Execution	CVE-2022-42889	Network Scanner	Apr 8, 2024	High	9.8	No
Django - SQL injection	CVE-2022-34265	Network Scanner	Apr 8, 2024	High	9.8	No
PHP imap - Remote Command Execution	CVE-2018-19518	Network Scanner	Apr 8, 2024	High	7.5	No
Coda v.2024Q1 - Cross-Site Scripting	CVE-2024-28734	Network Scanner	Apr 7, 2024	Medium	---	No
PostgreSQL 9.3-12.3 Authenticated Remote Code Execution	CVE-2019-9193	Network Scanner	Apr 6, 2024	High	7.2	No