Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 12.070 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 150 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 12.070

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
Nagios XI < 5.8.6 - Cross-Site Scripting CVE-2021-38156	Network Scanner	Oct 28, 2024	Medium(5.4)	No
Zitadel - User Registration Bypass CVE-2024-49757	Network Scanner	Oct 28, 2024	High(7.5)	No
OpenVPN Access Server 2.1.4 - CRLF Injection CVE-2017-5868	Network Scanner	Oct 28, 2024	Medium(6.1)	No
Jenkins CLI - HTTP Java Deserialization CVE-2016-9299	Network Scanner	Oct 28, 2024	Critical(9.8)	No
WP Popup Builder Popup Forms and Marketing Lead Generation <= 1.3.5 - Arbitrary Shortcode Execution CVE-2024-9061	Network Scanner	Oct 28, 2024	High(7.3)	No
WordPress WP-Advanced-Search <= 3.3.9 - SQL Injection CVE-2024-9796	Network Scanner	Oct 28, 2024	Critical(9.8)	No
Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Remote Code Execution CVE-2024-9593	Network Scanner	Oct 28, 2024	High(8.3)	No
Nagios XI v5.11.0 - SQL Injection CVE-2023-40931	Network Scanner	Oct 25, 2024	Medium(6.5)	No
WordPress Core 5.0.0 - Crop-image Shell Upload CVE-2019-8943	Network Scanner	Oct 23, 2024	Medium(6.5)	No
Intel Neural Compressor <2.5.0 - SQL Injection CVE-2024-22476	Network Scanner	Oct 23, 2024	Critical(10)	No
PHP - LFR to Remote Code Execution CVE-2024-2961	Network Scanner	Oct 23, 2024	High(7.3)	No
Zhejiang Dahua Smart Cloud Gateway Registration Platform - SQL Injection (CNVD-2024-38747) CNVD-2024-38747	Network Scanner	Oct 23, 2024	N/A	No
PHPJabbers Food Delivery Script - SQL Injection CVE-2023-40748	Network Scanner	Oct 23, 2024	Critical(9.8)	No
Danswer - Insecure Direct Object Reference CVE-2024-9617	Network Scanner	Oct 23, 2024	Medium(6.5)	No
openSIS < 9.1 - SQL Injection CVE-2024-35584	Network Scanner	Oct 23, 2024	High(8.8)	No
PHPJabbers Fundraising Script v1.0 - Cross-Site Scripting CVE-2023-40751	Network Scanner	Oct 22, 2024	Medium(6.1)	No
PHPJabbers Make an Offer Widget v1.0 - Cross-Site Scripting CVE-2023-40752	Network Scanner	Oct 22, 2024	Medium(6.1)	No
Public AWS Bucket multipart uploads listing detection	Cloud Scanner	Oct 22, 2024	N/A	No
PHPJabbers Callback Widget v1.0 - Cross-Site Scripting CVE-2023-40755	Network Scanner	Oct 22, 2024	Medium(6.1)	No
Revive Adserver 5.4.1 - Cross-Site Scripting CVE-2023-38040	Network Scanner	Oct 22, 2024	Medium(6.1)	No
PHPJabbers Food Delivery Script v3.0 - SQL Injection CVE-2023-40749	Network Scanner	Oct 22, 2024	Critical(9.8)	No
GutenKit <= 2.1.0 - Arbitrary File Upload CVE-2024-9234	Network Scanner	Oct 22, 2024	Critical(9.8)	No
PHPJabbers Ticket Support Script v3.2 - Cross-Site Scripting CVE-2023-40753	Network Scanner	Oct 22, 2024	Medium(5.4)	No
ECTouch v2 - SQL Injection CVE-2023-39560	Network Scanner	Oct 22, 2024	Critical(9.8)	No
Hoteldruid v3.0.5 - SQL Injection CVE-2023-43373	Network Scanner	Oct 22, 2024	Critical(9.8)	No