Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 14.295 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 151 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 14.295

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite CVE-2024-6396	Network Scanner	Dec 20, 2024	Critical(9.8)	No
ThinkPHP 6.0.0-6.0.1 - Arbitrary File Write	Network Scanner	Dec 20, 2024	Critical	No
PAN-OS Management Web Interface - Command Injection CVE-2024-9474	Network Scanner	Dec 20, 2024	High(7.2)	No
mooSocial 3.1.8 - External Service Interaction CVE-2023-43323	Network Scanner	Dec 20, 2024	Medium(6.5)	No
ServiceNow UI Macros - Template Injection CVE-2024-4879	Network Scanner	Dec 20, 2024	High(9.8)	No
Netmaker - Hardcoded DNS Secret Key CVE-2023-32077	Network Scanner	Dec 20, 2024	High(7.5)	No
Gradio 3.47 - 3.50.2 - Local File Inclusion CVE-2024-1561	Network Scanner	Dec 20, 2024	High(7.5)	No
Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting CVE-2024-3822	Network Scanner	Dec 20, 2024	Medium(6.5)	No
Popup Builder Plugin - SQL Injection and Cross-Site Scripting CVE-2022-0479	Network Scanner	Dec 20, 2024	Critical(9.8)	No
CrateDB Database - Arbitrary File Read CVE-2024-24565	Network Scanner	Dec 20, 2024	Medium(6.5)	No
Last.fm Rotation 1.0 - Path Traversal CVE-2014-5181	Network Scanner	Dec 20, 2024	Medium(5)	No
Cloudflare Rocket Loader - HTML Injection	Network Scanner	Dec 20, 2024	Low	No
GestSup - Account Takeover CVE-2024-23163	Network Scanner	Dec 20, 2024	Critical(9.8)	No
Dahua DSS - SQL Injection (CNVD-2017-06001) CNVD-2017-06001	Network Scanner	Dec 20, 2024	High	No
POS Codekop v2.0 - Broken Authentication CVE-2023-36347	Network Scanner	Dec 20, 2024	High(7.5)	No
nginxWebUI <= 3.5.0 - Remote Command Execution	Network Scanner	Dec 20, 2024	Critical	No
Chuanhu Chat - Directory Traversal CVE-2024-3234	Network Scanner	Dec 20, 2024	Critical(9.8)	No
EyouCms v1.6.2 - Cross-Site Scripting CVE-2023-41597	Network Scanner	Dec 20, 2024	Medium(6.1)	No
Control iD iDSecure - Authentication Bypass CVE-2023-6329	Network Scanner	Dec 20, 2024	Critical(9.8)	No
GestSup - Cross-Site Scripting CVE-2024-23167	Network Scanner	Dec 20, 2024	High(8.6)	No
Gradio 3.47 - 3.50.2 - Server-Side Request Forgery CVE-2024-1561	Network Scanner	Dec 20, 2024	High(7.5)	No
Next.js Cache Poisoning	Network Scanner	Dec 20, 2024	High	No
PaloAlto Networks Expedition - Remote Code Execution CVE-2024-9463	Network Scanner	Dec 20, 2024	Critical(9.9)	No
IBM WebSphere Application Server 7.x < 7.0.0.13 Multiple Vulnerabilities CVE-2010-0784 CVE-2010-4220	Network Scanner	Dec 18, 2024	N/A	No
IBM WebSphere Application Server 7.x < 7.0.0.13 WS-Security Policy Vulnerability CVE-2010-3186	Network Scanner	Dec 18, 2024	N/A	No