Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.415 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 166 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.415

Pentest-Tools.com Vulnerabilities
Name
Detectable with
Detection added
Severity
Exploitable
with Sniper
White Star Software ProTop - Directory TraversalNetwork Scanner

High(8.2)

No
Artica Proxy - Unauthenticated LFINetwork Scanner

High(7.5)

No
Apache InLong - Default LoginNetwork Scanner

High

No
EasyCVR <=2.1.2 - Information DisclosureNetwork Scanner

Medium(5.3)

No
EasyCVR User - Information DisclosureNetwork Scanner

Medium

No
XWiki 15.9-rc-1 < 15.10.8, 16.0.0-rc-1 < 16.2.0 RCE Vulnerability (GHSA-mvgm-3rw2-7j4r)Network Scanner

Critical(9)

No
XWiki 15.9-rc-1 < 15.10.16, 16.0.0-rc-1 < 16.4.7, 16.5.0-rc-1 < 16.10.2 XSS Vulnerability (GHSA-j7p2-87q3-44w7)Network Scanner
N/A
No
XWiki 13.5-rc-1 < 15.10.13, 16.0.0-rc-1 < 16.4.4, 16.5.0-rc-1 < 16.8.0 Open Redirect Vulnerability (GHSA-pjhg-9wr9-rj96)Network Scanner

Medium(6.1)

No
WordPress Information Disclosure Vulnerability (July 2025) - WindowsNetwork Scanner

Low(3.7)

No
Bonita Web 2021.2 - Authentication/Authorization BypassNetwork Scanner

Critical(9.8)

No
XWiki 4.5.1 < 15.10.13, 16.0.0-rc-1 < 16.4.4, 16.5.0-rc-1 < 16.8.0 Incorrect Authorization Vulnerability (GHSA-987p-r3jc-8c8v)Network Scanner

Low(3.8)

No
XWiki 11.10.11 < 16.4.7, 16.5.0-rc-1 < 16.10.3, 17.0.0-rc-1 < 17.0.0 RCE Vulnerability (GHSA-9875-cw22-f7cx)Network Scanner
N/A
No
XWiki 15.9-rc-1 < 16.4.7, 16.5.0-rc-1 < 16.10.3, 17.0.0-rc-1 < 17.0.0 RCE Vulnerability (GHSA-c32m-27pj-4xcj)Network Scanner
N/A
No
XWiki 15.3-rc-1 < 15.10.14, 16.0.0-rc-1 < 16.4.6, 16.5.0-rc-1 < 16.10.0 Missing Authorization Vulnerability (GHSA-f9c6-2f9p-82jj)Network Scanner
N/A
No
XWiki 7.4.5 < 8.0, 8.2 < 16.4.7, 16.5.0-rc-1 < 16.10.4, 17.0.0-rc-1 < 17.1.0 Privilege Escalation Vulnerability (GHSA-jm43-hrq7-r7w6)Network Scanner
N/A
No
Emby Server <= 4.8 Multiple VulnerabilitiesNetwork Scanner

High(8.6)

No
aiohttp < 3.12.14 HTTP Request Smuggling Vulnerability - WindowsNetwork Scanner
N/A
No
MikroTik RouterOS 7.x < 7.19.2 XSS VulnerabilityNetwork Scanner
N/A
No
OpenMetadata - Default LoginNetwork Scanner

High

No
Open Redirect via Organization SwitchingNetwork Scanner

Medium(4.2)

No
MikroTik RouterOS <= 7.19.3 Access Control VulnerabilityNetwork Scanner

Medium(7.2)

No
Sonos Era < 83.1-61240 RCE VulnerabilityNetwork Scanner

High(8.8)

No
Emby Server < 4.8.9 XSS VulnerabilityNetwork Scanner

Medium(6.1)

No
Apache HTTP Server 2.4.64 RewriteCond Vulnerability - WindowsNetwork Scanner

Medium(6.3)

No
Cybersecurity Infrastructure Security Agency (CISA)Laravel < 5.6.30 RCE VulnerabilityNetwork Scanner

High(8.1)

No