Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.635 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 179 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Search results for: XML External Entity

Displaying 1 - 25 results out of 69

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	CVSSv3	EPSS Score	EPSS Percentile	Exploitable with Sniper
VMWare Cloud Foundation NSX-V - XML External Entity (XXE) CVE-2022-31678	Network Scanner	Feb 4, 2026	Critical(9.1)	0.58	0.99	No
Citrix StoreFront Server - XML External Entity CVE-2019-13608	Network Scanner	Jan 29, 2026	High(7.5)	0.76	0.99	No
Apache Tika - XML External Entity Injection CVE-2025-66516	Network Scanner	Jan 23, 2026	Critical(9.8)	0.03	0.86	No
Ektron CMS Blogs xmlrpc.aspx - XML External Entity Injection	Network Scanner	Jan 19, 2026	High	N/A	N/A	No
Apache OFBiz - XML External Entity Injection CVE-2011-3600	Network Scanner	Jan 7, 2026	High(7.5)	0.58	0.99	No
Episerver 7 - Blind XML External Entity Injection CVE-2017-17762	Network Scanner	Dec 18, 2025	High(7.5)	0.11	0.94	No
GeoServer - XML External Entity Injection CVE-2025-58360	Network Scanner	Nov 27, 2025	High(8.2)	0.86	1	No
Guralp MAN-EAM-0003 3.2.4 - XML External Entity (XXE) CVE-2022-38840	Network Scanner	Oct 10, 2025	High(7.5)	0.84	1	No
Apache Tika 1.13 - 3.2.1 XXE Vulnerability CVE-2025-54988 CVE-2025-66516	Network Scanner	Aug 25, 2025	Critical(9.8)	0.03	0.86	No
Akamai CloudTest < 60 2025.06.02 - XML External Entity (XXE) CVE-2025-49493	Network Scanner	Jul 13, 2025	Critical(9.1)	0.03	0.86	No
GeoServer WFS - XXE Processing Vulnerability CVE-2025-30220	Network Scanner	Jun 18, 2025	Critical(9.9)	0.09	0.92	No
LabKey Server 19.1.0 - XML External Entity (XXE) CVE-2019-9757	Network Scanner	Jun 12, 2025	High(7.5)	0.87	1	No
SysAid On-Prem <= 23.3.40 - XML External Entity CVE-2025-2776	Network Scanner	May 11, 2025	Critical(9.3)	0.61	0.99	No
SysAid On-Prem <= 23.3.40 - XML External Entity CVE-2025-2775	Network Scanner	May 11, 2025	Critical(9.3)	0.68	0.99	No
SysAid On-Prem <= 23.3.40 - XML External Entity CVE-2025-2777	Network Scanner	May 11, 2025	Critical(9.3)	0.16	0.95	No
EcologyOA deleteUserRequestInfoByXml - XML External Entity Injection	Network Scanner	Dec 2, 2024	High	N/A	N/A	No
74CMS weixin.php - SQL Injection	Network Scanner	Dec 2, 2024	High	N/A	N/A	No
Wanhu OA TeleConferenceService Interface - XML External Entity Injection	Network Scanner	Dec 2, 2024	High	N/A	N/A	No
Generic XML External Entity - (XXE)	Network Scanner	Dec 2, 2024	Medium	N/A	N/A	No
Ivanti Avalanche SmartDeviceServer - XML External Entity CVE-2024-38653	Network Scanner	Nov 20, 2024	High(7.5)	0.9	1	No
Magento - XML External Entity Injection CVE-2024-34102	Network Scanner	Jul 16, 2024	Critical(9.8)	0.95	1	Yes
Adobe Commerce & Magento - CosmicSting CVE-2024-34102	Network Scanner	Jun 26, 2024	Critical(9.8)	0.95	1	No
OpenCMS - XML external entity (XXE) CVE-2023-42344	Network Scanner	Feb 22, 2024	High(9.8)	N/A	N/A	No
Ivanti Connect Secure - XXE CVE-2024-22024	Network Scanner	Feb 10, 2024	High(8.3)	0.95	1	No
FreeIPA - XML Entity Injection CVE-2022-2414	Network Scanner	Aug 8, 2023	High(7.5)	0.91	1	No

Vulnerability & Exploit Database

One of EMEA's fastest-growing tech companies.

50,000+ security folks are here. Are you?

More than demos - real faces, real insight.

Security leaders trust what they can prove