Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.432 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 166 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Is exploitable with Sniper

Is in CISA catalog

Detectable with

Displaying 1 - 25 results out of 81

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	CVSSv3	EPSS Score	EPSS Percentile	Exploitable with Sniper
Response Header Injection	Website Scanner	Apr 7, 2025	High	N/A	N/A	No
DOM-based Open Redirect	Website Scanner	Mar 5, 2025	Low	N/A	N/A	No
Ruby Insecure Deserialization	Website Scanner	Dec 10, 2024	Critical	N/A	N/A	No
Misconfigurations	Website Scanner	Nov 26, 2024	Low	N/A	N/A	No
Python Insecure Deserialization	Website Scanner	Nov 12, 2024	Critical	N/A	N/A	No
PHP Insecure Deserialization	Website Scanner	Oct 22, 2024	Critical	N/A	N/A	No
.NET Insecure Deserialization	Website Scanner	Sep 10, 2024	Critical	N/A	N/A	No
Session Token in URL	Website Scanner	Aug 6, 2024	Low	N/A	N/A	No
Password Returned in Later Response	Website Scanner	Jul 30, 2024	Medium	N/A	N/A	No
SQL Statement in Request Parameter	Website Scanner	Jul 30, 2024	Low	N/A	N/A	No
HTTP/2 Request Smuggling	Website Scanner	Jul 2, 2024	High	N/A	N/A	No
JWT Unverified Signature	Website Scanner	Jun 18, 2024	High	N/A	N/A	No
JWT Weak Secret Key	Website Scanner	Jun 18, 2024	High	N/A	N/A	No
JWT None Algorithm	Website Scanner	Jun 18, 2024	High	N/A	N/A	No
JWT Algorithm Confusion	Website Scanner	Jun 18, 2024	High	N/A	N/A	No
JWT weakness	Website Scanner	Apr 16, 2024	High	N/A	N/A	No
Password Submitted in URL	Website Scanner	Apr 2, 2024	Low	N/A	N/A	No
DOM-based Cross-Site Scripting	Website Scanner	Mar 29, 2024	High	N/A	N/A	No
Enumerable Parameter	Website Scanner	Mar 26, 2024	Low	N/A	N/A	No
Session Fixation	Website Scanner	Jan 9, 2024	Medium	N/A	N/A	No
NoSQL Injection	Website Scanner	Sep 28, 2023	High	N/A	N/A	No
Unsafe security header: Content-Security-Policy	Website Scanner	Sep 20, 2023	Low	N/A	N/A	No
Java Insecure Deserialization	Website Scanner	Sep 20, 2023	Critical	N/A	N/A	No
Server-Side Template Injection	Website Scanner	Sep 7, 2023	High	N/A	N/A	No
Cross-Site Request Forgery	Website Scanner	Aug 29, 2023	Low	N/A	N/A	No

Vulnerability & Exploit Database

One of EMEA's fastest-growing tech companies.

48,000+ security folks are here. Are you?

More than demos - real faces, real insight.

Security leaders trust what they can prove