Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 12.132 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 150 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 12.132

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
Angular-Base64-Upload - Remote Code Execution CVE-2024-42640	Network Scanner	Nov 20, 2024	Critical(10)	No
Ivanti Avalanche SmartDeviceServer - XML External Entity CVE-2024-38653	Network Scanner	Nov 20, 2024	High(7.5)	No
PAN-OS Management Web Interface - Authentication Bypass CVE-2024-0012	Network Scanner	Nov 20, 2024	Critical(9.8)	No
Wavlink WL-WN530HG4 M30HG4.V5030.201217 - Information Disclosure CVE-2022-48166	Network Scanner	Nov 19, 2024	High(7.5)	No
Wavlink WL-WN533A8 M33A8.V5030.190716 - Information Disclosure CVE-2022-48164	Network Scanner	Nov 19, 2024	High(7.5)	No
WAVLINK Quantum D4G (WL-WN531G3) - Information Disclosure CVE-2022-44356	Network Scanner	Nov 19, 2024	High(7.5)	No
Safe Editor Plugin < 1.2 - CSS/JS-injection CVE-2016-10976	Network Scanner	Nov 18, 2024	Medium(6.1)	No
D-Link NAS - Command Injection via Group Parameter CVE-2024-10915	Network Scanner	Nov 18, 2024	Critical(9.8)	No
Z-Downloads < 1.11.7 - Cross-Site Scripting CVE-2024-8673	Network Scanner	Nov 18, 2024	Low(3.5)	No
Timesheet Plugin < 0.1.5 - Cross-Site Scripting CVE-2017-18590	Network Scanner	Nov 18, 2024	Medium(6.1)	No
D-Link NAS - Command Injection via Name Parameter CVE-2024-10914	Network Scanner	Nov 18, 2024	Critical(9.8)	No
Visual CSS Style Editor < 7.5.4 - Cross-Site Scripting CVE-2021-24934	Network Scanner	Nov 18, 2024	Medium(6.1)	No
CodeChecker <= 6.24.1 - Authentication Bypass CVE-2024-10081	Network Scanner	Nov 13, 2024	Critical(10)	No
Reposilite >= 3.3.0, < 3.5.12 - Arbitrary File Read CVE-2024-36117	Network Scanner	Nov 13, 2024	High(8.6)	No
Symfony Profiler - Remote Access via Injected Arguments CVE-2024-50340	Network Scanner	Nov 13, 2024	High(7.3)	No
OpenAPI Generator <= 7.5.0 - Arbitrary File Read/Delete CVE-2024-35219	Network Scanner	Nov 13, 2024	High(8.3)	No
GitHub Enterprise - SAML Authentication Bypass CVE-2024-9487	Network Scanner	Nov 11, 2024	Critical(9.1)	No
Atom.CMS 2.0 - SQL Injection CVE-2022-28033	Network Scanner	Nov 7, 2024	Critical(9.8)	No
Lantronix SecureLinx Spider (SLS) 2.2+ - Cross-Site Scripting CVE-2018-10383	Network Scanner	Nov 7, 2024	Medium(6.1)	No
DedeCMS v5.7.111 - Cross-Site Scripting CVE-2023-49494	Network Scanner	Nov 7, 2024	Medium(6.1)	No
ResourceSpace - Metadata Export CVE-2022-31260	Network Scanner	Nov 7, 2024	Medium(6.5)	No
WAVLINK AC1200 - Information Disclosure CVE-2021-44260	Network Scanner	Nov 7, 2024	High(7.5)	No
Ivanti Cloud Services Appliance - Path Traversal CVE-2024-8963	Network Scanner	Nov 6, 2024	Critical(9.1)	No
Twisted - Open Redirect & XSS CVE-2024-41810	Network Scanner	Nov 5, 2024	Medium(6.1)	No
WordPress Core <6.5.2 - Cross-Site Scripting CVE-2024-4439	Network Scanner	Nov 5, 2024	High(7.2)	No