Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.642 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 169 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.642

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
Adning Advertising <= 1.5.5 - Arbitrary File Upload CVE-2020-36705	Network Scanner	Sep 25, 2025	Critical(9.8)	No
GoAnywhere - Authentication Bypass CVE-2025-10035	Network Scanner	Sep 25, 2025	Critical(10)	No
wpDiscuz <= 5.3.5 - SQL Injection CVE-2020-13640	Network Scanner	Sep 25, 2025	Critical(9.8)	No
ListingPro < 2.6.1 - Arbitrary Plugin Installation/Activation/Deactivation CVE-2020-36719	Network Scanner	Sep 25, 2025	Critical(9.8)	No
ListingPro < 2.6.1 - Sensitive Data Disclosure CVE-2020-36723	Network Scanner	Sep 25, 2025	Medium(5.3)	No
Jeg Elementor Kit - Authorization Bypass CVE-2022-3805	Network Scanner	Sep 25, 2025	High(8.6)	No
Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload CVE-2023-4666	Network Scanner	Sep 25, 2025	Critical(9.8)	No
Better Search Replace < 1.4.5 - PHP Object Injection CVE-2023-6933	Network Scanner	Sep 25, 2025	Critical(9.8)	No
Teleport - Authentication Bypass CVE-2025-49825	Network Scanner	Sep 25, 2025	Critical(9.8)	No
Newspaper Theme 6.4–6.7.1 - Privilege Escalation CVE-2016-10972	Network Scanner	Sep 25, 2025	Critical(9.8)	No
The Plus Addons for Elementor Page Builder < 4.1.7 - Authentication Bypass CVE-2021-24175	Network Scanner	Sep 25, 2025	Critical(9.8)	No
mTheme Unus < 2.3 - Directory Traversal CVE-2015-9406	Network Scanner	Sep 25, 2025	High(7.5)	No
Spam protection, AntiSpam, FireWall by CleanTalk < 5.153.4 - Unauthenticated Blind SQL Injection CVE-2021-24295	Network Scanner	Sep 25, 2025	High(7.5)	No
tagDiv Composer < 4.2 - Stored Cross-Site Scripting CVE-2023-3169	Network Scanner	Sep 25, 2025	Medium(6.1)	No
D-Link DIR-300 / DIR-600 RCE Vulnerabilities (Feb 2013) - Active Check CVE-2013-10048 CVE-2013-10069	Network Scanner	Sep 24, 2025	Critical(9.8)	No
ProFTPD Backdoor Unauthorized Access Vulnerability (Dec 2010) - Active Check CVE-2010-20103	Network Scanner	Sep 24, 2025	N/A	No
DELMIA Apriso - Command Injection CVE-2025-6204	Network Scanner	Sep 24, 2025	Critical(9)	No
10Web Booster < 2.24.18 - Unauthenticated Arbitrary Option Deletion CVE-2023-5559	Network Scanner	Sep 24, 2025	Critical(9.1)	No
Zimbra Collaboration - Unrestricted File Upload CVE-2022-41352	Network Scanner	Sep 24, 2025	Critical(9.8)	No
Nortek Linear eMerge E3-Series - SQL Injection CVE-2022-38627	Network Scanner	Sep 24, 2025	Critical(9.8)	No
ZEROF Web Server 2.0 - SQL Injection CVE-2022-25322	Network Scanner	Sep 24, 2025	Critical(9.8)	No
DELMIA Apriso - Broken Access Control CVE-2025-6205	Network Scanner	Sep 24, 2025	High(8.8)	No
Weaviate - Exposure	Network Scanner	Sep 24, 2025	N/A	No
WordPress ProfilePress <= 3.1.3 - Privilege Escalation CVE-2021-34622	Network Scanner	Sep 23, 2025	High(8.8)	No
Jenkins Sidepanel - Unauthorized Agent/Queue Exposure CVE-2025-59474	Network Scanner	Sep 23, 2025	N/A	No