Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 17.130 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 190 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Search results for: SQL Injection

Displaying 1 - 25 results out of 1119

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	CVSSv3	EPSS Score	EPSS Percentile	Exploitable with Sniper
MISP < 2.5.37 - SQL Injection CVE-2026-44381	Network Scanner	Jun 29, 2026	Medium(5.3)	0.01	0.42	No
Weaver E-cology9 api/doc/out/more/list SQL Injection	Network Scanner	Jun 25, 2026	High	N/A	N/A	No
phpMyFAQ <= 4.1.1 - SQL Injection CVE-2026-46364	Network Scanner	Jun 11, 2026	Critical(9.8)	0.02	0.75	No
WordPress Newsletters <= 4.13 - Unauthenticated SQL Injection CVE-2026-3018	Network Scanner	Jun 11, 2026	High(7.5)	0.02	0.69	No
dotCMS Core Publish Audit API - Unauthenticated SQL Injection CVE-2026-8054	Network Scanner	Jun 9, 2026	Critical	0.02	0.73	No
WordPress ARMember Premium <= 7.3.1 - Unauthenticated SQL Injection CVE-2026-5073	Network Scanner	Jun 9, 2026	High(7.5)	0.02	0.69	No
PrestaShop lgcookieslaw - SQL Injection CVE-2022-44727	Network Scanner	Jun 8, 2026	Critical(9.8)	0.03	0.82	No
E-Learning System 1.0 - SQL Injection CVE-2021-3239	Network Scanner	Jun 3, 2026	Critical(9.8)	0.18	0.97	No
LiteLLM - SQL Injection CVE-2026-42208	Network Scanner	Jun 1, 2026	Critical(9.8)	0.85	1	No
JoomSport <= 5.7.7 - SQL Injection CVE-2026-42647	Network Scanner	Jun 1, 2026	Critical(9.3)	0.02	0.68	No
FlipperCode Custom CSS, JS & PHP <= 2.0.7 - Remote Code Execution CVE-2026-6433	Network Scanner	May 27, 2026	Critical(9.8)	0.01	0.51	No
YesWiki < 4.6.4 - Unauthenticated SQL Injection CVE-2026-46670	Network Scanner	May 27, 2026	Critical(9.8)	0.01	0.13	No
Drupal Core - Anonymous SQL Injection via PostgreSQL Entity Query CVE-2026-9082	Network Scanner	May 23, 2026	Critical(9.8)	0.85	1	No
Cloudlog - SQL Injection CVE-2024-48259	Network Scanner	May 11, 2026	High(7.3)	0.01	0.55	No
CKAN DataStore SQL Search - SQL Injection CVE-2026-42031	Network Scanner	May 6, 2026	Critical(9.8)	0.02	0.76	No
FormLift for Infusionsoft Web Forms <= 7.5.17 - SQL Injection CVE-2024-38773	Network Scanner	Apr 30, 2026	Critical(10)	0.03	0.79	No
NocoBase - SQL Injection CVE-2026-41640	Network Scanner	Apr 24, 2026	High(7.5)	0.02	0.77	No
NocoBase - SQL Injection CVE-2026-41641	Network Scanner	Apr 24, 2026	High(7.2)	0.02	0.77	No
Vendure Core - SQL Injection CVE-2026-40887	Network Scanner	Apr 17, 2026	Critical(9.1)	0.02	0.76	No
WCAPF WooCommerce Ajax Product Filter - SQL Injection CVE-2026-3396	Network Scanner	Apr 15, 2026	High(7.5)	0.02	0.71	No
Team WordPress Plugin (TLP Team) <= 5.0.9 - SQL Injection CVE-2025-14124	Network Scanner	Apr 15, 2026	High(8.6)	0.02	0.73	No
Geo Mashup <= 1.13.17 - SQL Injection CVE-2026-2416	Network Scanner	Apr 14, 2026	High(7.5)	0.02	0.69	No
WordPress CBX Bookmark & Favorite Plugin <= 2.0.4 - SQL Injection CVE-2025-13652	Network Scanner	Apr 13, 2026	Critical(9.1)	0.02	0.61	No
WordPress WPCOM Member <= 1.7.6 - SQL Injection CVE-2025-2221	Network Scanner	Apr 13, 2026	High(7.5)	0.02	0.75	No
Fortinet FortiClientEMS 7.4.4 - SQL Injection CVE-2026-21643	Network Scanner	Apr 10, 2026	Critical(9.8)	0.95	1	No

Vulnerability & Exploit Database

One of EMEA's fastest-growing tech companies

Independently audited company-wide ISMS

50,000+ security folks are here. Are you?

Security leaders trust what they can prove