Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.111 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 161 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.111

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
CraftCMS - Remote Code Execution CVE-2025-32432	Network Scanner	Apr 29, 2025	Critical(10)	No
Flarum < 1.8.5 - Open Redirect CVE-2024-21641	Network Scanner	Apr 28, 2025	Medium(4.7)	No
iTop - User Enumeration via REST Endpoint CVE-2024-51739	Network Scanner	Apr 28, 2025	Medium(5.3)	No
Oracle Retail Xstore Suite - Pre-authenticated Path Traversal CVE-2024-21136	Network Scanner	Apr 28, 2025	High(8.6)	No
Commvault - SSRF via /commandcenter/deployWebpackage.do CVE-2025-34028	Network Scanner	Apr 28, 2025	Critical(10)	No
Emerson Network Power IntelliSlot Web Card - Exposure	Network Scanner	Apr 28, 2025	Medium	No
NocoBase - Default Login	Network Scanner	Apr 28, 2025	High	No
Yacht - Default Login	Network Scanner	Apr 28, 2025	High	No
SAP NetWeaver - Backdoor	Network Scanner	Apr 27, 2025	Critical	No
SAP NetWeaver Visual Composer Metadata Uploader - Deserialization CVE-2025-31324	Network Scanner	Apr 27, 2025	Critical(10)	No
Unraid OS < 7.0.1 Multiple Vulnerabilities CVE-2025-29266 CVE-2024-12705 CVE-2024-11187 CVE-2025-0725 CVE-2025-0665 CVE-2025-0167 CVE-2024-50349 CVE-2024-52006 CVE-2024-12243 CVE-2024-12133 CVE-2025-24928 CVE-2024-56171 CVE-2025-21490 CVE-2025-26465 CVE-2025-26466 CVE-2024-12084 CVE-2024-12085 CVE-2024-12086 CVE-2024-12087 CVE-2024-12088	Network Scanner	Apr 25, 2025	Critical(9.6)	No
Oracle MySQL Server 8.4.0, 9.0.0 Security Update (cpuapr2025) - Windows CVE-2025-21583	Network Scanner	Apr 25, 2025	Medium(4.9)	No
Discourse < 3.2.1 Multiple Vulnerabilities CVE-2024-24748 CVE-2024-24827 CVE-2024-27085 CVE-2024-27100 CVE-2024-28242	Network Scanner	Apr 25, 2025	Medium(5.3)	No
Joomla! Authentication Bypass Vulnerability (20250402) CVE-2025-25227	Network Scanner	Apr 25, 2025	High(7.5)	No
NodeBB < 4.0.5 Multiple Vulnerabilities CVE-2025-29513 CVE-2025-29512	Network Scanner	Apr 25, 2025	Medium(6.1)	No
TP-Link AX21 Router Devices Multiple Vulnerabilities (Apr 2023) CVE-2023-1389 CVE-2023-27359	Network Scanner	Apr 25, 2025	Critical(9.8)	No
WordPress ProfilePress Plugin < 4.15.19 Information Disclosure Vulnerability CVE-2024-11083	Network Scanner	Apr 25, 2025	Medium(5.3)	No
WordPress ProfilePress Plugin < 3.2.3 Multiple Vulnerabilities CVE-2021-24954 CVE-2021-24955	Network Scanner	Apr 25, 2025	Medium(6.1)	No
Tiki Wiki CMS Groupware < 21.12, 22.0 < 24.8, 25.0 < 27.2, 28.0 < 28.3 Code Injection Vulnerability CVE-2025-32461	Network Scanner	Apr 25, 2025	Critical(9.9)	No
Edimax Router Devices Default Credentials (HTTP) CVE-2004-1791	Network Scanner	Apr 25, 2025	N/A	No
Kentico CMS <= 12.0.14 RCE Vulnerability CVE-2019-10068	Network Scanner	Apr 25, 2025	Critical(9.8)	No
Cisco Video Surveillance Operations Manager Multiple Vulnerabilities (cisco-sa-20130724-vsm) - Active Check CVE-2013-3429 CVE-2013-3430 CVE-2013-3431	Network Scanner	Apr 25, 2025	N/A	No
Canon Printers Buffer Overflow Vulnerability (CP2024-002) CVE-2024-2184	Network Scanner	Apr 25, 2025	Critical(9.8)	No
D-Link DIR-618 Multiple Vulnerabilities (2025) CVE-2025-2546 CVE-2025-2547 CVE-2025-2548 CVE-2025-2549 CVE-2025-2550 CVE-2025-2551 CVE-2025-2552 CVE-2025-2553	Network Scanner	Apr 25, 2025	N/A	No
Tiki Wiki CMS Groupware <= 27.0 Multiple XSS Vulnerabilities CVE-2024-51506 CVE-2024-51507 CVE-2024-51508 CVE-2024-51509	Network Scanner	Apr 25, 2025	Medium(4.8)	No