Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.266 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 177 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 16.266

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
Rails/Ruby Console History - Exposure	Network Scanner	Dec 31, 2025	Medium	No
Zimbra Collaboration - Local File Inclusion CVE-2025-68645	Network Scanner	Dec 31, 2025	High(8.8)	No
WordPress Newsletter - Log File Exposure	Network Scanner	Dec 31, 2025	Medium	No
Makefile - Exposure	Network Scanner	Dec 31, 2025	Low	No
Kaswara Modern VC Addons <= 3.0.1 - Missing Authorization CVE-2021-4448	Network Scanner	Dec 31, 2025	High(7.3)	No
phpLDAPadmin <= 1.2.3 - Reflected XSS CVE-2017-11107	Network Scanner	Dec 31, 2025	Medium(6.1)	No
LibreChat <= 0.7.9 - HTML Injection via Accept-Language Header CVE-2025-8848	Network Scanner	Dec 31, 2025	Medium(5.4)	No
Jetpack < 6.5 - Stored Cross-Site Scripting	Network Scanner	Dec 30, 2025	Medium	No
Python Requirements File Disclosure	Network Scanner	Dec 30, 2025	Medium	No
Social Auto Poster <= 5.3.14 - Stored Cross-Site Scripting CVE-2024-6753	Network Scanner	Dec 30, 2025	High(7.2)	No
AWStats <= 7.5 - Full Path Disclosure CVE-2018-10245	Network Scanner	Dec 30, 2025	Medium(5.3)	No
Roundcube Webmail Installer - Exposure	Network Scanner	Dec 30, 2025	High	No
YITH WooCommerce Ajax Search <= 2.4.0 - Cross-Site Scripting CVE-2024-4455	Network Scanner	Dec 30, 2025	High(7.2)	No
MongoDB Server - Information Disclosure (MongoBleed) CVE-2025-14847	Network Scanner	Dec 30, 2025	High(7.5)	No
Flow Configuration - Exposure	Network Scanner	Dec 30, 2025	Medium	No
Ultimate Addons for Elementor <= 1.24.1 - Registration Bypass CVE-2020-13125	Network Scanner	Dec 30, 2025	High(7.2)	No
JFrog Artifactory Build - Exposure	Network Scanner	Dec 30, 2025	Medium	No
WordPress Custom Post Type UI - Full Path Disclosure	Network Scanner	Dec 30, 2025	Medium	No
Kubernetes API Server - YAML Parsing DoS (Billion Laughs) CVE-2019-11253	Network Scanner	Dec 30, 2025	High(7.5)	No
Instagram Feed < 1.6 - Cross-Site Scripting	Network Scanner	Dec 29, 2025	Medium	No
Emby Server - Authentication Bypass CVE-2023-33193	Network Scanner	Dec 28, 2025	Critical(9.1)	No
WordPress Wordfence - Configuration File Disclosure	Network Scanner	Dec 27, 2025	Medium	No
WordPress Plugin iThemes Security - Full Path Disclosure	Network Scanner	Dec 27, 2025	Low	No
ImageResizer Debug - Information Exposure	Network Scanner	Dec 27, 2025	Low	No
WordPress Simple Custom CSS Plugin - Full Path Disclosure	Network Scanner	Dec 26, 2025	Low	No