Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities that can be detected with Pentest-Tools.com and the exploits that are currently available in the platform.

We detect more than 11.376 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 140 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 11.376

Pentest-Tools.com Vulnerabilities
Name
CVE
Detectable
with
Detection added
Severity
CVSSv3
score
Exploitable
with Sniper
Chamilo LMS <= 1.11.24 - Remote Code ExecutionNetwork Scanner

Medium

6.1No
TrakSYS 11.x.x - Sensitive Data ExposureNetwork Scanner

Medium

5.3No
Hash Form <= 1.1.0 - Arbitrary File UploadNetwork Scanner

Critical

9.8No
Edito CMS - Sensitive Data LeakNetwork Scanner

High

7.5No
EduSoho < v22.4.7 - Local File Inclusion (CNVD-2023-03903)Network Scanner
---
---No
Leadsec VPN - Arbitrary File Read (CNVD-2021-64035)Network Scanner
---
---No
Ollama - Remote Code ExecutionNetwork Scanner
---
---No
Linksys RE7000 - Command InjectionNetwork Scanner
---
---No
Label Studio - Sensitive Information ExposureNetwork Scanner

High

7.5No
Splunk Enterprise - Local File InclusionNetwork Scanner

High

7.5No
XWiki >= 3.4-milestone-1 - Cross-Site ScriptingNetwork Scanner

Medium

6.1No
XWiki >= 6.2-milestone-1 - Cross-Site ScriptingNetwork Scanner

Medium

6.1No
Sharp Multifunction Printers - Cookie ExposureNetwork Scanner

Critical

9.1No
D-LINK DIR-845L bsc_sms_inbox.php file - Information DisclosureNetwork Scanner

Medium

5.3No
XWiki >= 6.0-rc-1 - Cross-Site ScriptingNetwork Scanner

Medium

6.1No
Deep Sea Electronics DSE855 - Authentication BypassNetwork Scanner

Medium

6.5No
GeoServer RCE in Evaluating Property Name ExpressionsNetwork Scanner

Critical

9.8No
XWiki >= 2.5-milestone-2 - Cross-Site ScriptingNetwork Scanner

Medium

6.1No
Cybersecurity Infrastructure Security Agency (CISA)ManageEngine Desktop Central Java DeserializationNetwork Scanner

Critical

9.8No
Sharp Multifunction Printers - Directory ListingNetwork Scanner

High

7.5No
LearnPress WordPress LMS Plugin <= 4.2.6.5 - SQL InjectionNetwork Scanner

Critical

9.8No
Cybersecurity Infrastructure Security Agency (CISA)Spring Framework RCE via Data Binding on JDK 9+Network Scanner

Critical

9.8No
Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor AccountNetwork Scanner

Critical

9.88No
WAVLINK WN579X3 - Remote Command ExecutionNetwork Scanner

Critical

9.8No
Oracle Business Intelligence - Remote Code ExecutionNetwork Scanner

Critical

9.8Yes