HomePentest-Tools.com Logo

Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities that can be detected with Pentest-Tools.com and the exploits that are currently available in the platform.

We detect more than 21.250 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 128 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 21.250

Pentest-Tools.com Vulnerabilities
Name
CVE
Detectable
with
Detection added
Severity
CVSSv3
score
Exploitable
with Sniper
Cybersecurity Infrastructure Security Agency (CISA)Adobe ColdFusion Deserialization of Untrusted DataNetwork Scanner

High

9.8No
Ncast busiFacade - Remote Command ExecutionNetwork Scanner

High

7.5No
Rebuild <= 3.5.5 - Server-Side Request Forgery
---
Network Scanner

Medium

---No
IBM Operational Decision Manager - Java DeserializationNetwork Scanner

High

8.8No
IBM Operational Decision Manager - JNDI InjectionNetwork Scanner

High

9.8No
Frigate < 0.13.0 Beta 3 - Cross-Site ScriptingNetwork Scanner

Medium

4.7No
OpenCMS - XML external entity (XXE)
---
Network Scanner

High

---No
Cybersecurity Infrastructure Security Agency (CISA)ConnectWise ScreenConnect 23.9.7 - Authentication BypassNetwork Scanner

High

10No
Unauthenticated Remote Code Execution – Bricks <= 1.9.6
---
Network Scanner

High

---No
Monitorr Services Configuration - Arbitrary File UploadNetwork Scanner

High

8.8No
McVie Safety Digital Management Platform - Arbitrary File Upload (CNVD-2023-96945)
---
Network Scanner

High

---No
WordPress Elementor 3.18.1 - File Upload/Remote Code Execution
---
Network Scanner

High

---No
LearnDash LMS < 4.10.3 - Sensitive Information ExposureNetwork Scanner

Medium

5.3No
LearnDash LMS < 4.10.2 - Sensitive Information Exposure via assignmentsNetwork Scanner

Medium

5.3No
LearnDash LMS < 4.10.2 - Sensitive Information ExposureNetwork Scanner

Medium

5.3No
Axigen WebMail - Cross-Site ScriptingNetwork Scanner

Medium

6.5No
mlflow - Path TraversalNetwork Scanner

High

8.1No
CaseAware a360inc - Cross-Site ScriptingNetwork Scanner

Medium

6.1No
ECShop 4.1.0 - SQL InjectionNetwork Scanner

High

7.5No
WCFM WooCommerce Multivendor Marketplace < 3.4.12 - SQL InjectionNetwork Scanner

High

9.8No
Registrations for the Events Calendar < 2.7.6 - SQL InjectionNetwork Scanner

High

9.8No
WyreStorm Apollo VX20 - Information Disclosure
---
Network Scanner

High

---No
Wordpress Polls Widget < 1.5.3 - SQL InjectionNetwork Scanner

High

9.8No
Ivanti Connect Secure - XXE
---
Network Scanner

High

---No
Winter CMS Local File Inclusion - (LFI)Network Scanner

Medium

5.4No