Skip to main content

Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities that can be detected with Pentest-Tools.com and the exploits that are currently available in the platform.

We detect more than 11.169 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 131 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 11.169

Pentest-Tools.com Vulnerabilities
Name
CVE
Detectable
with
Detection added
Severity
CVSSv3
score
Exploitable
with Sniper
CData Sync < 23.4.8843 - Path Traversal
CVE-2024-31851
Network Scanner

High

8.6No
Mura/Masa CMS - SQL Injection
CVE-2024-32640
Network Scanner

High

---No
CData Arc < 23.4.8839 - Path Traversal
CVE-2024-31850
Network Scanner

High

8.6No
Combo Blocks < 2.2.76 - Improper Access Control
CVE-2024-0881
Network Scanner

Medium

---No
mooSocial v.3.1.8 - Cross-Site Scripting
CVE-2023-44812
Network Scanner

Medium

6.1No
Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE
CVE-2023-4521
Network Scanner

High

9.8No
eyoucms v.1.6.5 - Cross-Site Scripting
CVE-2024-22927
Network Scanner

Medium

6.1No
Avada < 7.11.7 - Information Disclosure
CVE-2024-2340
Network Scanner

Medium

5.3No
WordPress Toolbar <= 2.2.6 - Open Redirect
CVE-2023-6389
Network Scanner

Medium

6.1No
Cybersecurity Infrastructure Security Agency (CISA)CrushFTP VFS - Sandbox Escape LFR
CVE-2024-4040
Network Scanner

High

10No
PrestaShop PireosPay - SQL Injection
CVE-2023-45375
Network Scanner

High

8.8No
Wordpress Email Subscribers by Icegram Express - SQL Injection
CVE-2024-2876
Network Scanner

High

---No
PrestaShop Step by Step products Pack - SQL Injection
CVE-2023-46347
Network Scanner

High

9.8No
PrestaShop AdvancedPopupCreator - SQL Injection
CVE-2023-27032
Network Scanner

High

9.8No
WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload
CVE-2015-4455
Network Scanner

High

9.8No
MasterStudy LMS <= 3.3.3 - Unauthenticated Local File Inclusion via template
CVE-2024-3136
Network Scanner

High

9.8No
Magento - SQL Injection
CVE-2019-7139
Network Scanner

High

9.8No
JetBrains TeamCity > 2023.11.3 - Authentication Bypass
CVE-2024-23917
Network Scanner

High

9.8No
NextGen Healthcare Mirth Connect - Remote Code Execution
CVE-2023-43208
Network Scanner

High

9.8No
Academy LMS 6.0 - Cross-Site Scripting
CVE-2023-38964
Network Scanner

Medium

6.1No
EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure
CVE-2024-0235
Network Scanner

Medium

5.3No
SuperWebMailer 9.31.0.01799 - Cross-Site Scripting
CVE-2024-24131
Network Scanner

Medium

6.1No
CData API Server < 23.4.8844 - Path Traversal
CVE-2024-31849
Network Scanner

High

9.8No
Netmaker - Hardcoded DNS Secret Key
CVE-2023-32077
Network Scanner

High

7.5No
WordPress Automatic Plugin <= 3.92.0 - SQL Injection
CVE-2024-27956
Network Scanner

High

9.9No