Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.349 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 166 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.349

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
GeoServer Demo Request Endpoint - Server Side Request Forgery CVE-2024-29198	Network Scanner	Jul 18, 2025	High(7.5)	No
OneNav v0.9.35-20240318 - Server-Side Request Forgery (SSRF) CVE-2024-33832	Network Scanner	Jul 18, 2025	Medium(6.5)	No
WordPress Events Manager <= 7.0.3 - SQL Injection CVE-2025-6970	Network Scanner	Jul 18, 2025	Critical(9.8)	No
StrongShop Installer - Exposure	Network Scanner	Jul 18, 2025	High	No
LyLme spage v1.9.5 - Server-Side Request Forgery CVE-2024-36675	Network Scanner	Jul 18, 2025	Critical(9.1)	No
iBarn Installer - Exposure	Network Scanner	Jul 18, 2025	High	No
SawtoothSoftware Lighthouse Studio < 9.16.14 - Pre-Auth Remote Code Execution CVE-2025-34300	Network Scanner	Jul 18, 2025	Critical(9.8)	No
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting CVE-2025-2711	Network Scanner	Jul 17, 2025	Medium(6.1)	No
idcCMS V1.60 - Cross-Site Scripting CVE-2024-11587	Network Scanner	Jul 17, 2025	Medium(6.1)	No
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting CVE-2025-2709	Network Scanner	Jul 17, 2025	Medium(6.1)	No
AcuToWeb server/10.5.0.7577c8b - Cross-Site Scripting CVE-2024-42852	Network Scanner	Jul 17, 2025	Medium(6.1)	No
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting CVE-2025-2710	Network Scanner	Jul 17, 2025	Medium(6.1)	No
Zeroshell 3.9.3 - Command Injection CVE-2020-29390	Network Scanner	Jul 17, 2025	Critical(9.8)	No
123Solar 1.8.4.5 - Cross-Site Scripting CVE-2024-9007	Network Scanner	Jul 17, 2025	Medium(6.1)	No
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting CVE-2025-2712	Network Scanner	Jul 17, 2025	Medium(6.1)	No
Saltbo/zpan Installer - Exposure	Network Scanner	Jul 17, 2025	High	No
Microsoft SharePoint Server 2007 XSS Vulnerability (MS10-039) - Active Check CVE-2010-0817	Network Scanner	Jul 16, 2025	N/A	No
Apache HTTP Server 2.4.26 < 2.4.64 DoS Vulnerability - Windows CVE-2025-49630	Network Scanner	Jul 16, 2025	High(7.5)	No
Ninja Tables <4.1.9 - Unauthenticated Arbitrary File Read	Network Scanner	Jul 16, 2025	High	No
Apache Tomcat Multiple DoS Vulnerabilities (Jul 2025) - Windows CVE-2025-52520 CVE-2025-53506	Network Scanner	Jul 16, 2025	High(7.5)	No
Apache HTTP Server < 2.4.64 Multiple Vulnerabilities - Windows CVE-2024-42516 CVE-2024-43204 CVE-2024-43394 CVE-2024-47252 CVE-2025-49812	Network Scanner	Jul 16, 2025	Medium(7.4)	No
Apache HTTP Server 2.4.35 < 2.4.64 Access Control Bypass Vulnerability - Windows CVE-2025-23048	Network Scanner	Jul 16, 2025	Critical(9.1)	No
Puppet Enterprise < 2016.4.0 Multiple Vulnerabilities CVE-2016-5714 CVE-2016-5715 CVE-2016-5716	Network Scanner	Jul 16, 2025	High(8.8)	No
Apache HTTP Server 2.4.17 < 2.4.64 DoS Vulnerability - Windows CVE-2025-53020	Network Scanner	Jul 16, 2025	High(7.5)	No
LaRecipe < 2.8.1 Remote Code Execution via SSTI CVE-2025-53833	Network Scanner	Jul 16, 2025	Critical(10)	No