Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.015 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 160 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Is exploitable with Sniper

Is in CISA catalog

Detectable with

Displaying 1 - 25 results out of 160

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
Zyxel - Default credentials CVE-2025-0890	Network Scanner	Apr 1, 2025	Critical(9.8)	Yes
Zyxel - Telnet Command Injection CVE-2024-40891	Network Scanner	Apr 1, 2025	High(8.8)	Yes
Craft CMS - Remote Code Execution CVE-2023-41892	Network Scanner	Mar 4, 2025	Critical(9.8)	Yes
Wordpress WP Query Console - Remote Code Execution CVE-2024-50498	Network Scanner	Mar 4, 2025	Critical(9.8)	Yes
Wordpress Really Simple Security - Authentication Bypass CVE-2024-10924	Network Scanner	Feb 18, 2025	Critical(9.8)	Yes
Cleo Harmony, VLTrader and LexiCom - Arbitrary File Read and Write CVE-2024-50623	Network Scanner	Jan 21, 2025	Critical(9.8)	Yes
ProjectSend - Authentication Bypass CVE-2024-11680	Network Scanner	Jan 21, 2025	Critical(9.8)	Yes
CyberPanel - Remote Code Execution CVE-2024-51567	Network Scanner	Jan 14, 2025	Critical(9.8)	Yes
CyberPanel - Remote Code Execution CVE-2024-51378	Network Scanner	Jan 14, 2025	Critical(9.8)	Yes
Palo Alto Networks Expedition - Remote Code Execution CVE-2024-0012 CVE-2024-9474	Network Scanner	Nov 26, 2024	Critical(9.8)	Yes
Palo Alto Networks Expedition - Remote Code Execution CVE-2024-9463	Network Scanner	Oct 15, 2024	Critical(9.8)	Yes
Cisco Small Business RV Series - Remote Code Execution CVE-2022-20705 CVE-2022-20707	Network Scanner	Sep 17, 2024	Critical(9.8)	Yes
GiveWP Donation Plugin - Remote Code Execution CVE-2024-5932	Network Scanner	Sep 17, 2024	Critical(9.8)	Yes
Progress Telerik Report Server - Remote Code Execution CVE-2024-4358	Network Scanner	Sep 10, 2024	Critical(9.8)	Yes
Apache OFBiz - Remote Code Execution CVE-2024-38856	Network Scanner	Sep 3, 2024	Critical(9.8)	Yes
Zyxel - Remote Code Execution CVE-2024-29973	Network Scanner	Sep 3, 2024	Critical(9.8)	Yes
GeoServer - Remote Code Execution CVE-2024-36401	Network Scanner	Aug 27, 2024	Critical(9.8)	Yes
SolarWinds Serv-U - Arbitrary File Read CVE-2024-28995	Network Scanner	Jul 20, 2024	High(7.5)	Yes
Magento - XML External Entity Injection CVE-2024-34102	Network Scanner	Jul 16, 2024	Critical(9.8)	Yes
PHP - Remote Code Execution CVE-2012-1823	Network Scanner	Jul 9, 2024	Critical(9.8)	Yes
Oracle Business Intelligence - Remote Code Execution CVE-2020-2950	Network Scanner	Jul 2, 2024	Critical(9.8)	Yes
Cisco UCS Director - Directory Traversal CVE-2020-3243	Network Scanner	Jul 2, 2024	Critical(9.8)	Yes
Cisco UCS Director - Directory Traversal CVE-2020-3250	Network Scanner	Jul 2, 2024	Critical(9.8)	Yes
Cisco UCS Director / IMC Supervisor - Default password for 'scpuser' CVE-2019-1935	Network Scanner	Jul 2, 2024	Critical(9.8)	Yes
Fortinet FortiSIEM - Remote Code Execution CVE-2024-23108	Network Scanner	Jun 11, 2024	Critical(9.8)	Yes