Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.484 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 166 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.484

Pentest-Tools.com Vulnerabilities
Name
Detectable with
Detection added
CVSSv3
EPSS Score
EPSS Percentile
Exploitable
with Sniper
Plex Media Server 1.41.7.x - 1.42.0.x Undisclosed VulnerabilityNetwork Scanner
N/A
0.010.29No
Apache Tomcat Session Fixation Vulnerability (Aug 2025) - WindowsNetwork Scanner

Medium(6.5)

0.010.02No
Apache Tika 1.13 - 3.2.1 XXE VulnerabilityNetwork Scanner

Critical(9.8)

0.010.09No
Cybersecurity Infrastructure Security Agency (CISA)FXC AE1021 / AE1021PE <= 2.0.9 OS Command Injection VulnerabilityNetwork Scanner

High(8.8)

0.420.98No
WordPress Quiz And Survey Master Plugin < 10.2.3 CSRF VulnerabilityNetwork Scanner

Medium(4.3)

0.010.08No
Cybersecurity Infrastructure Security Agency (CISA)Schneider Electric U.motion Builder - Remote Code ExecutionNetwork Scanner

Critical(9.8)

0.60.99No
Cybersecurity Infrastructure Security Agency (CISA)Cisco Smart Install - Configuration DownloadNetwork Scanner

Critical(9.8)

0.941No
Microweber CMS 2.0 - Reflected XSS in Admin Page CreationNetwork Scanner

Medium(6.1)

0.010.59No
Cybersecurity Infrastructure Security Agency (CISA)Samsung MagicINFO 9 Server - File Upload & Remote Code ExecutionNetwork Scanner

Critical(9.8)

0.620.99No
Login Configurator <=2.1 - Cross-Site ScriptingNetwork Scanner

Medium(6.1)

0.020.8No
OpenPLC Webserver v3 - Default LoginNetwork Scanner

High

N/A
N/A
No
Apache Unomi - Remote Code ExecutionNetwork Scanner

Critical(9.8)

0.831No
Microweber CMS2.0 - Cross-Site ScriptingNetwork Scanner

Medium(6.1)

0.010.6No
Parse Server - GraphQL Schema Information DisclosureNetwork Scanner

Medium(5.3)

0.020.8No
Commvault Initial Administrator Login Process VulnerabilityNetwork Scanner

Medium(5.4)

0.030.86No
Commvault - Unauthorized API AccessNetwork Scanner

Medium(6.5)

0.020.82No
PHPCMS 2008 - Remote Code Execution via Template InjectionNetwork Scanner

Critical(9.8)

0.871No
Request-Baskets <= 1.2.1 - Server Side Request ForgeryNetwork Scanner

Medium(6.5)

0.931No
AMD Pensando PSM - Default LoginNetwork Scanner

High

N/A
N/A
No
WordPress Advanced Custom Fields Plugin < 6.4.3 HTML Injection VulnerabilityNetwork Scanner
N/A
N/A
N/A
No
WordPress Advanced Custom Fields Pro Plugin < 6.4.3 HTML Injection VulnerabilityNetwork Scanner
N/A
N/A
N/A
No
WeGIA - Directory TraversalNetwork Scanner

Critical(6.5)

0.020.83No
Shenzhen Aitemi M300 Wi-Fi Repeater – Unauthenticated Remote Command Execution via `time` ParameterNetwork Scanner

Critical

0.020.8No
Checkmk Agent Info DisclosureNetwork Scanner

Medium

N/A
N/A
No
Microweber Exposed InstallationNetwork Scanner

High

N/A
N/A
No