Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.155 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 164 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.155

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
WordPress XStore Theme - SQL Injection CVE-2024-33559	Network Scanner	Jun 13, 2025	Critical(9.3)	No
Quest KACE SMA /common/run_cross_report.php 'fmt' XSS CVE-2018-11133	Network Scanner	Jun 13, 2025	Medium(6.1)	No
Evertz SDVN 3080ipx-10G - Unauthenticated Arbitrary Command Injection CVE-2025-4009	Network Scanner	Jun 13, 2025	Critical(9.3)	No
DataEase v2.10.2 - JWT Signature Verification Bypass CVE-2024-47073	Network Scanner	Jun 13, 2025	Critical(9.1)	No
Kyocera Net View Address Book Exposure CVE-2022-1026	Network Scanner	Jun 12, 2025	High(8.6)	No
OptinMonster Plugin < 2.6.5 - Unprotected REST-API CVE-2021-39341	Network Scanner	Jun 12, 2025	High(8.2)	No
PHPSHE 1.7 - SQL Injection CVE-2019-9762	Network Scanner	Jun 12, 2025	Critical(9.8)	No
Avaya Aura Device Services - OS Command Injection CVE-2023-3722	Network Scanner	Jun 12, 2025	High(8.6)	No
Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution CVE-2017-8046	Network Scanner	Jun 12, 2025	Critical(9.8)	No
Boa 0.94.13 - Information Disclosure CVE-2021-33558	Network Scanner	Jun 12, 2025	High(7.5)	No
Synology BeeStation BST150-4T - Unauthenticated Command Injection CVE-2024-10443	Network Scanner	Jun 12, 2025	Critical(9.8)	No
Schneider Electric APC NMC - Default Login	Network Scanner	Jun 12, 2025	N/A	No
Abandoned Cart Lite for WooCommerce - Authentication Bypass CVE-2023-2986	Network Scanner	Jun 12, 2025	Critical(9.8)	No
SonLogger - Arbitrary File Upload CVE-2021-27964	Network Scanner	Jun 12, 2025	Critical(9.8)	No
LabKey Server 19.1.0 - XML External Entity (XXE) CVE-2019-9757	Network Scanner	Jun 12, 2025	High(7.5)	No
D-Link Central WiFi Manager CWM(100) - Remote Code Execution CVE-2019-13372	Network Scanner	Jun 11, 2025	Critical(9.8)	No
Ruckus vRioT IoT Controller - Authentication Bypass CVE-2020-26879	Network Scanner	Jun 11, 2025	Critical(9.8)	No
Siemens SIMATIC 300 Dashboard - Exposed	Network Scanner	Jun 11, 2025	N/A	No
WPGraphQL 0.2.3 - User Creation CVE-2019-9879	Network Scanner	Jun 11, 2025	Critical(9.8)	No
PrestaShop 'possearchproducts' <= 1.7 - SQL Injection CVE-2023-30192	Network Scanner	Jun 11, 2025	Critical(9.8)	No
SRS Simple Hits Counter 1.0.3-1.0.4 - Unauthenticated Blind SQL Injection CVE-2020-5766	Network Scanner	Jun 10, 2025	High(7.5)	No
FortiWLM - Directory Traversal CVE-2023-34990	Network Scanner	Jun 9, 2025	Critical(9.8)	No
TotoLink Router setMacFilterRules - Command Injection CVE-2024-24328	Network Scanner	Jun 8, 2025	Critical(9.8)	No
D-Link DIR-605 - Information Disclosure CVE-2021-40655	Network Scanner	Jun 8, 2025	High(7.5)	No
SolarWinds Security Event Manager - Unauthenticated RCE CVE-2024-0692	Network Scanner	Jun 8, 2025	High(8.8)	No