Skip to main content

Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.520 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 177 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 16.520

Pentest-Tools.com Vulnerabilities
Name
Detectable with
Detection added
Severity
Exploitable
with Sniper
WordPress H5VP Plugin - Full Path DisclosureNetwork Scanner
N/A
No
WhoDB < 0.45.0 - Path Traversal
CVE-2025-24786
Network Scanner

High(7.5)

No
XWiki Platform Distribution Flavor Main - Cross-Site Scripting
CVE-2026-24128
Network Scanner

Medium(6.1)

No
Redis < 8.2.3 - Stack Buffer Overflow
CVE-2025-62507
Network Scanner

High(8.8)

No
GUDE - Default LoginNetwork Scanner
N/A
No
Contest Gallery - Broken Access Control
CVE-2024-43283
Network Scanner

Medium(5.3)

No
Zoho ManageEngine ADSelfService Plus 6121 - Username Enumeration
CVE-2022-28987
Network Scanner

Medium(5.3)

No
n8n >= 0.123.0 and < 1.121.3 - Remote Code Execution
CVE-2026-21877
Network Scanner

Critical(9.9)

No
Cisco Unified Communications Manager - Cluster EnumerationNetwork Scanner
N/A
No
Cybersecurity Infrastructure Security Agency (CISA)Citrix StoreFront Server - XML External Entity
CVE-2019-13608
Network Scanner

High(7.5)

No
WordPress Events Calendar 6.8.2.1 - Information Disclosure
CVE-2024-5333
Network Scanner

Medium(5.3)

No
FreshRSS Fever API - ExposureNetwork Scanner
N/A
No
WordPress LazyLoad Plugin - Full Path DisclosureNetwork Scanner
N/A
No
CraftCMS Debug Methods ExposedNetwork Scanner
N/A
No
Aurelia-Path < 1.1.7 - Prototype Pollution
CVE-2021-41097
Network Scanner

High(7.5)

No
AWS Elastic Beanstalk Dockerrun.aws.json - ExposureNetwork Scanner
N/A
No
LOLLMS WebUI - Absolute Path Traversal
CVE-2024-6250
Network Scanner

High(7.5)

No
10Web Photo Gallery < 1.5.55 - SQL Injection
CVE-2021-24139
Network Scanner

Critical(9.8)

No
WordPress Joinchat - Full Path DisclosureNetwork Scanner
N/A
No
Atlassian Confluence XSLT Macro - Server-Side Request Forgery
CVE-2024-29415
Network Scanner

Medium(6.5)

No
RailsAdmin Dashboard ExposureNetwork Scanner
N/A
No
Download Monitor < 4.4.5 - SQL Injection
CVE-2021-24786
Network Scanner

High(7.2)

No
Craft CMS Installation Wizard ExposureNetwork Scanner
N/A
No
cPanel Backup Exclusion Configuration - ExposureNetwork Scanner
N/A
No
WordPress Simple Social Icons - Full Path DisclosureNetwork Scanner
N/A
No