Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 12.120 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 150 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 12.120

Pentest-Tools.com Vulnerabilities
Name
Detectable with
Detection added
Severity
Exploitable
with Sniper
Symfony Profiler - Remote Access via Injected ArgumentsNetwork Scanner

High(7.3)

No
CodeChecker <= 6.24.1 - Authentication BypassNetwork Scanner

Critical(10)

No
Reposilite >= 3.3.0, < 3.5.12 - Arbitrary File ReadNetwork Scanner

High(8.6)

No
OpenAPI Generator <= 7.5.0 - Arbitrary File Read/DeleteNetwork Scanner

High(8.3)

No
GitHub Enterprise - SAML Authentication BypassNetwork Scanner
N/A
No
Atom.CMS 2.0 - SQL InjectionNetwork Scanner

Critical(9.8)

No
DedeCMS v5.7.111 - Cross-Site ScriptingNetwork Scanner

Medium(6.1)

No
ResourceSpace - Metadata ExportNetwork Scanner

Medium(6.5)

No
WAVLINK AC1200 - Information DisclosureNetwork Scanner

High(7.5)

No
Lantronix SecureLinx Spider (SLS) 2.2+ - Cross-Site ScriptingNetwork Scanner

Medium(6.1)

No
Cybersecurity Infrastructure Security Agency (CISA)Ivanti Cloud Services Appliance - Path TraversalNetwork Scanner

Critical(9.1)

No
Twisted - Open Redirect & XSSNetwork Scanner

Medium(6.1)

No
WordPress Core <6.5.2 - Cross-Site ScriptingNetwork Scanner

High(7.2)

No
Apache Solr - Deserialization of Untrusted DataNetwork Scanner

Critical(9.8)

No
ECShop 4.1.0 - SQL InjectionNetwork Scanner

High(7.5)

No
Lawo AG vsm LTC Time Sync (vTimeSync) - Path TraversalNetwork Scanner

High(7.5)

No
Qualitor <= v8.24 - Server-Side Request ForgeryNetwork Scanner

High(7.5)

No
Jenkins Script Security Plugin <=1.49 - Sandbox BypassNetwork Scanner

High(8.8)

No
Hide My WP Ghost < 5.2.02 - Hidden Login Page DisclosureNetwork Scanner

High(8.6)

No
LoLLMS WebUI - Subfolder Prediction via Path TraversalNetwork Scanner

Medium(4)

No
Apache Solr - Authentication BypassNetwork Scanner

Critical(9.8)

No
Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Remote Code ExecutionNetwork Scanner

High(8.3)

No
OpenVPN Access Server 2.1.4 - CRLF InjectionNetwork Scanner

Medium(6.1)

No
WP Popup Builder Popup Forms and Marketing Lead Generation <= 1.3.5 - Arbitrary Shortcode ExecutionNetwork Scanner

High(7.3)

No
WordPress WP-Advanced-Search <= 3.3.9 - SQL InjectionNetwork Scanner

Critical(9.8)

No