Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.484 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 166 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.484

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	CVSSv3	EPSS Score	EPSS Percentile	Exploitable with Sniper
Plex Media Server 1.41.7.x - 1.42.0.x Undisclosed Vulnerability CVE-2025-34158	Network Scanner	Aug 25, 2025	N/A	0.01	0.29	No
Apache Tomcat Session Fixation Vulnerability (Aug 2025) - Windows CVE-2025-55668	Network Scanner	Aug 25, 2025	Medium(6.5)	0.01	0.02	No
Apache Tika 1.13 - 3.2.1 XXE Vulnerability CVE-2025-54988	Network Scanner	Aug 25, 2025	Critical(9.8)	0.01	0.09	No
FXC AE1021 / AE1021PE <= 2.0.9 OS Command Injection Vulnerability CVE-2023-49897	Network Scanner	Aug 25, 2025	High(8.8)	0.42	0.98	No
WordPress Quiz And Survey Master Plugin < 10.2.3 CSRF Vulnerability CVE-2025-6790	Network Scanner	Aug 25, 2025	Medium(4.3)	0.01	0.08	No
Schneider Electric U.motion Builder - Remote Code Execution CVE-2018-7841	Network Scanner	Aug 25, 2025	Critical(9.8)	0.6	0.99	No
Cisco Smart Install - Configuration Download CVE-2018-0171	Network Scanner	Aug 24, 2025	Critical(9.8)	0.94	1	No
Microweber CMS 2.0 - Reflected XSS in Admin Page Creation CVE-2025-51502	Network Scanner	Aug 24, 2025	Medium(6.1)	0.01	0.59	No
Samsung MagicINFO 9 Server - File Upload & Remote Code Execution CVE-2025-4632	Network Scanner	Aug 23, 2025	Critical(9.8)	0.62	0.99	No
Login Configurator <=2.1 - Cross-Site Scripting CVE-2023-1893	Network Scanner	Aug 23, 2025	Medium(6.1)	0.02	0.8	No
OpenPLC Webserver v3 - Default Login	Network Scanner	Aug 23, 2025	High	N/A	N/A	No
Apache Unomi - Remote Code Execution CVE-2020-11975	Network Scanner	Aug 23, 2025	Critical(9.8)	0.83	1	No
Microweber CMS2.0 - Cross-Site Scripting CVE-2025-51501	Network Scanner	Aug 23, 2025	Medium(6.1)	0.01	0.6	No
Parse Server - GraphQL Schema Information Disclosure CVE-2025-53364	Network Scanner	Aug 23, 2025	Medium(5.3)	0.02	0.8	No
Commvault Initial Administrator Login Process Vulnerability CVE-2025-57789	Network Scanner	Aug 22, 2025	Medium(5.4)	0.03	0.86	No
Commvault - Unauthorized API Access CVE-2025-57788	Network Scanner	Aug 22, 2025	Medium(6.5)	0.02	0.82	No
PHPCMS 2008 - Remote Code Execution via Template Injection CVE-2018-19127	Network Scanner	Aug 21, 2025	Critical(9.8)	0.87	1	No
Request-Baskets <= 1.2.1 - Server Side Request Forgery CVE-2023-27163	Network Scanner	Aug 21, 2025	Medium(6.5)	0.93	1	No
AMD Pensando PSM - Default Login	Network Scanner	Aug 21, 2025	High	N/A	N/A	No
WordPress Advanced Custom Fields Plugin < 6.4.3 HTML Injection Vulnerability CVE-2023-54940	Network Scanner	Aug 20, 2025	N/A	N/A	N/A	No
WordPress Advanced Custom Fields Pro Plugin < 6.4.3 HTML Injection Vulnerability CVE-2023-54940	Network Scanner	Aug 20, 2025	N/A	N/A	N/A	No
WeGIA - Directory Traversal CVE-2025-55169	Network Scanner	Aug 20, 2025	Critical(6.5)	0.02	0.83	No
Shenzhen Aitemi M300 Wi-Fi Repeater – Unauthenticated Remote Command Execution via `time` Parameter CVE-2025-34152	Network Scanner	Aug 20, 2025	Critical	0.02	0.8	No
Checkmk Agent Info Disclosure	Network Scanner	Aug 20, 2025	Medium	N/A	N/A	No
Microweber Exposed Installation	Network Scanner	Aug 20, 2025	High	N/A	N/A	No

Vulnerability & Exploit Database

One of EMEA's fastest-growing tech companies.

48,000+ security folks are here. Are you?

More than demos - real faces, real insight.

Security leaders trust what they can prove