Skip to main content

Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.353 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 166 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Search results for: header injection

Displaying 1 - 25 results out of 42

Pentest-Tools.com Vulnerabilities
Name
Detectable with
Detection added
Severity
Exploitable
with Sniper
Scoold < 1.64.0 - Authentication Bypass
CVE-2024-50334
Network Scanner

Medium(5.3)

No
Proxmox - CRLF Injection
CVE-2022-35507
Network Scanner

High(7.1)

No
Response Header InjectionWebsite Scanner

High

No
System Dashboard < 2.8.10 - Cross-Site Scripting
CVE-2023-7246
Network Scanner

Medium(5.4)

No
LimeSurvey < 6.6.1 Header Injection Vulnerability
CVE-2024-42903
Network Scanner

Medium(6.5)

No
pfSense pfBlockerNG - OS Command Injection
CVE-2022-40624
Network Scanner

Critical(9.8)

No
ECShop 2.x/3.x - SQL InjectionNetwork Scanner

Critical(10)

No
OpenVPN Access Server 2.1.4 - CRLF Injection
CVE-2017-5868
Network Scanner

Medium(6.1)

No
openSIS < 9.1 - SQL Injection
CVE-2024-35584
Network Scanner

High(8.8)

No
Joomla HTTP Header Unauthenticated - Remote Code Execution
CVE-2015-8562
Network Scanner

High(7.5)

No
Python Email Header Injection Vulnerability (Aug 2024) - Windows
CVE-2024-6923
Network Scanner

Medium(5.5)

No
Header Footer Code Manager < 1.1.14 - Admin+ SQL Injection
CVE-2021-24791
Network Scanner

High(7.2)

No
Piwigo 13.7.0 - SQL Injection
CVE-2023-37270
Network Scanner

High(8.8)

No
ExponentCMS <= 2.6 - Host Header Injection
CVE-2021-38751
Network Scanner

Medium(4.3)

No
Pypiserver <1.2.5 - Carriage Return Line Feed Injection
CVE-2019-6802
Network Scanner

Medium(6.1)

No
Monstra CMS 3.0.4 - HTTP Header Injection
CVE-2018-16979
Network Scanner

Medium(6.1)

No
pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection
CVE-2022-31814
Network Scanner

Critical(9.8)

No
Cybersecurity Infrastructure Security Agency (CISA)Apache Struts 2 - Remote Command Execution
CVE-2017-5638
Network Scanner

Critical(10)

No
Apache Tika <1.1.8- Header Command Injection
CVE-2018-1335
Network Scanner

High(8.1)

No
Cybersecurity Infrastructure Security Agency (CISA)Cacti <=1.2.22 - Remote Command Injection
CVE-2022-46169
Network Scanner

Critical(9.8)

No
Sercomm VD625 Smart Modems - CRLF Injection
CVE-2021-27132
Network Scanner

Critical(9.8)

No
Netsweeper <=6.4.3 - Python Code Injection
CVE-2020-13167
Network Scanner

Critical(9.8)

No
Cybersecurity Infrastructure Security Agency (CISA)Moveit Transfer - SQLi
CVE-2023-34362
Network Scanner

Critical(9.8)

No
WordPress Header Footer Code Manager Plugin < 1.1.14 SQLi Vulnerability
CVE-2021-24791
Network Scanner

Medium(7.2)

No
TYPO3 HTTP Host Header Injection Vulnerability (TYPO3-CORE-SA-2021-015)
CVE-2021-41114
Network Scanner

Medium(4.8)

No