Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.020 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 161 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.020

Pentest-Tools.com Vulnerabilities
Name
Detectable with
Detection added
Severity
Exploitable
with Sniper
Apache HTTP Server - ACL BypassNetwork Scanner

High(8.1)

No
Order Delivery Date Pro for WooCommerce < 12.3.1 - Arbitrary Option UpdateNetwork Scanner

Critical(9.8)

No
Gibbon LMS <= v25.0.01 - File Upload to RCENetwork Scanner

Critical(9.8)

No
Cybersecurity Infrastructure Security Agency (CISA)Sonicwall - Pre-Authentication Arbitrary File ReadNetwork Scanner

Critical(9.1)

No
draw.io < 18.0.5 - Server Side Request Forgery (SSRF)Network Scanner

High(7.5)

No
Mingsoft MCMS v5.2.7 - SQL InjectionNetwork Scanner

Critical(9.8)

No
Electrolink FM/DAB/TV Transmitter - Credentials DisclosureNetwork Scanner

High(7.5)

No
XWiki 5.0 < 16.8.0 Information Disclosure Vulnerability (GHSA-42fh-pvvh-999x)Network Scanner

Medium(4.7)

No
XWiki 1.6 < 15.10.16, 16.0.0 < 16.4.6, 16.5.0 < 16.10.1 SQLi Vulnerability (GHSA-g9jj-75mx-wjcx)Network Scanner
N/A
No
Erlang/OTP (Erlang OTP) DoS Vulnerability (Feb 2025) - WindowsNetwork Scanner
N/A
No
Sonos Speakers S2 App < 16.6 RCE Vulnerability (SSA-2024-0002)Network Scanner

High(8.8)

No
XWiki 1.8 < 15.10.16, 16.0.0 < 16.4.6, 16.5.0 < 16.10.1 SQLi Vulnerability (GHSA-f69v-xrj8-rhxf)Network Scanner
N/A
No
Apache Tomcat Rewrite Rule Bypass Vulnerability (Apr 2025) - WindowsNetwork Scanner
N/A
No
Erlang/OTP (Erlang OTP) DoS Vulnerability (Mar 2025) - WindowsNetwork Scanner

High(7.5)

No
Sonos Speakers S1 App < 11.15.1, S2 App < 16.6 Multiple RCE Vulnerabilities (SSA-2024-0002)Network Scanner

High(8.8)

No
Erlang/OTP (Erlang OTP) Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - WindowsNetwork Scanner

Medium(5.9)

No
Erlang/OTP (Erlang OTP) Improper Certificate Validation Vulnerability (Dec 2024)Network Scanner

Medium(5.5)

No
Apache Tomcat DoS Vulnerability (Apr 2025) - WindowsNetwork Scanner
N/A
No
CraftCMS - Remote Code ExecutionNetwork Scanner

Critical(10)

No
NocoBase - Default LoginNetwork Scanner

High

No
Yacht - Default LoginNetwork Scanner

High

No
iTop - User Enumeration via REST EndpointNetwork Scanner

Medium(5.3)

No
Emerson Network Power IntelliSlot Web Card - ExposureNetwork Scanner

Medium

No
Oracle Retail Xstore Suite - Pre-authenticated Path TraversalNetwork Scanner

High(8.6)

No
Flarum < 1.8.5 - Open RedirectNetwork Scanner

Medium(4.7)

No