Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities that can be detected with Pentest-Tools.com and the exploits that are currently available in the platform.

We detect more than 11.337 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 136 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 11.337

Pentest-Tools.com Vulnerabilities
Name
CVE
Detectable
with
Detection added
Severity
CVSSv3
score
Exploitable
with Sniper
XWiki < 4.10.15 - Email DisclosureNetwork Scanner

Medium

5.3No
XWiki < 4.10.15 - Sensitive Information DisclosureNetwork Scanner

High

7.5No
F-logic DataCube3 - SQL InjectionNetwork Scanner

High

---No
Ivanti EPM - Remote Code ExecutionNetwork Scanner

High

9.6No
Exrick XMall - SQL InjectionNetwork Scanner

High

9.8No
CRMEB v.5.2.2 - SQL InjectionNetwork Scanner

High

7.5No
D-LINK DNS-320L,DNS-320LW and DNS-327L - Information DisclosureNetwork Scanner

Medium

5.3No
Smart S210 Management Platform - Arbitary File UploadNetwork Scanner

High

9.8No
XWiki < 4.10.20 - Remote code executionNetwork Scanner

High

9.8No
Fujian Kelixin Communication - Command InjectionNetwork Scanner

Medium

6.3No
Smart s200 Management Platform v.S200 - SQL InjectionNetwork Scanner

High

---No
EyouCms v1.6.3 - Information DisclosureNetwork Scanner

Medium

5.3No
XWiki < 4.10.15 - Information DisclosureNetwork Scanner

High

7.5No
LyLme-Spage - Arbitary File UploadNetwork Scanner

High

---No
XWiki - Open RedirectNetwork Scanner

Medium

6.1No
Gradio < 2.5.0 - Arbitrary File ReadNetwork Scanner

High

7.7No
SolarWinds Serv-U - Directory TraversalNetwork Scanner

High

7.5No
Gradio Hugging Face - Local File InclusionNetwork Scanner

High

7.5No
Gradio > 4.19.1 UploadButton - Path TraversalNetwork Scanner

High

7.5No
Apache OFBiz Directory Traversal - Remote Code ExecutionNetwork Scanner

High

---No
Cybersecurity Infrastructure Security Agency (CISA)Apache Druid - Remote Code Execution (Apache Log4j)Network Scanner

High

10No
Weaver OA XmlRpcServlet - Arbitary File Read (CNVD-2022-43245)Network Scanner

High

7.5No
SecurEnvoy Two Factor Authentication - LDAP InjectionNetwork Scanner

High

7.5No
IBM Operational Decision Manager - JNDI InjectionNetwork Scanner

High

9.8No
UFIDA NC uapjs - RCE vulnerability (CNVD-C-2023-76801)Network Scanner

High

9.8No