Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.061 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 176 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Is exploitable with Sniper

Is in CISA catalog

Detectable with

Displaying 1 - 25 results out of 15.919

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	CVSSv3	EPSS Score	EPSS Percentile	Exploitable with Sniper
Munin Monitoring Dashboard - Exposure	Network Scanner	Dec 6, 2025	Medium	N/A	N/A	No
ZZZCMS ZZZPHP 1.6.3 – Remote PHP Code Execution (RCE) CVE-2019-10647	Network Scanner	Dec 6, 2025	Critical(9.8)	0.01	0.74	No
ONLYOFFICE Docs (DocumentServer) - Reflected Cross-Site Scripting CVE-2025-5301	Network Scanner	Dec 6, 2025	Medium(6.1)	0.01	0.46	No
WordPress <= 5.2.4 - Unauthenticated View Private/Draft Posts CVE-2019-17671	Network Scanner	Dec 5, 2025	Medium(5.3)	0.76	0.99	No
React Server Components - Remote Code Execution CVE-2025-55182	Network Scanner	Dec 5, 2025	Critical(10)	0.14	0.95	No
Microsoft SharePoint - List API Disclosure	Network Scanner	Dec 4, 2025	Low	N/A	N/A	No
HT Mega – Absolute Addons for Elementor <= 2.2.0 - Missing Authorization to Privilege Escalation CVE-2023-37999	Network Scanner	Dec 4, 2025	Critical(9.8)	0.62	0.99	No
Post Grid <= 2.2.50 - Information Exposure via REST API CVE-2023-40211	Network Scanner	Dec 4, 2025	High(7.5)	0.53	0.98	No
WP Google Maps < 9.0.48 - Cross-Site Scripting CVE-2025-11307	Network Scanner	Dec 4, 2025	High(8.8)	0.14	0.95	No
OpenWRT Privilege Escalation Vulnerability (Mar 2025) CVE-2024-51240	Network Scanner	Dec 3, 2025	High(8)	0.01	0.06	No
freeFTPD < 1.0.12 PASS Command Buffer Overflow Vulnerability CVE-2013-10042	Network Scanner	Dec 3, 2025	Critical(9.8)	0.63	0.99	No
RegistrationMagic <= 5.0.1.7 - Authentication Bypass CVE-2021-4073	Network Scanner	Dec 3, 2025	Critical(9.8)	0.72	0.99	No
Apache Struts DoS Vulnerability (S2-068) CVE-2025-64775	Network Scanner	Dec 3, 2025	High(7.5)	0.01	0.27	No
Caldera Forms < 1.9.7 - Reflected Cross-Site Scripting CVE-2022-0879	Network Scanner	Dec 3, 2025	Medium(6.1)	0.03	0.84	No
elFinder < 2.1.58 - Remote Code Execution CVE-2021-23394	Network Scanner	Dec 3, 2025	High(8.1)	0.71	0.99	No
Synology DiskStation Manager (DSM) File Write Vulnerability (Synology-SA-24:20) - Remote Known Vulnerable Versions Check CVE-2024-10445	Network Scanner	Dec 3, 2025	Medium(4.3)	0.01	0.17	No
WP Live Chat Support <= 8.0.27 — Stored Cross-Site Scripting CVE-2019-14950	Network Scanner	Dec 3, 2025	Medium(6.1)	0.06	0.91	No
Fortinet FortiWeb - Authentication Bypass & Remote Code Execution CVE-2025-64446 CVE-2025-58034	Network Scanner	Dec 2, 2025	Critical(9.8)	0.88	1	Yes
ShortCode Addons - Unauthenticated Options Update CVE-2022-34487	Network Scanner	Dec 2, 2025	Critical(9.8)	0.49	0.98	No
PrestaShop - Information Disclosure CVE-2025-51586	Network Scanner	Dec 2, 2025	Medium(3.7)	0.02	0.78	No
Apache2 - Transfer-Encoding Chunked XSS CVE-2018-17082	Network Scanner	Dec 2, 2025	Medium(6.1)	0.13	0.94	No
News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Local File Inclusion CVE-2023-5815	Network Scanner	Dec 2, 2025	High(8.1)	0.46	0.98	No
SolarWinds Serv-U FTP - Remote Code Execution	Network Scanner	Dec 2, 2025	Critical	N/A	N/A	No
WP Popups - Information Disclosure CVE-2024-6555	Network Scanner	Dec 2, 2025	Medium(5.3)	0.09	0.93	No
Prestashop Blockwishlist 2.1.0 SQL Injection CVE-2022-31101	Network Scanner	Dec 2, 2025	High(8.1)	0.55	0.98	No

Vulnerability & Exploit Database

One of EMEA's fastest-growing tech companies.

50,000+ security folks are here. Are you?

More than demos - real faces, real insight.

Security leaders trust what they can prove