Skip to main content

Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.792 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 182 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 16.792

Pentest-Tools.com Vulnerabilities
Name
Detectable with
Detection added
Severity
Exploitable
with Sniper
Doccano - Default LoginNetwork Scanner

High

No
Xerox Fuji/VersaLink - Default LoginNetwork Scanner

High

No
RosarioSIS 6.7.2 - Cross-Site ScriptingNetwork Scanner

Medium

No
Harbor Registry - Default Admin CredentialsNetwork Scanner

High

No
Dell Wyse Management Suite - Unauthenticated Device RegistrationNetwork Scanner

High

No
WordPress midi-Synth <= 1.1.0 - Unauthenticated Arbitrary File Upload
CVE-2026-1306
Network Scanner

Critical(9.8)

No
ntopng - Default LoginNetwork Scanner

High

No
Accept Donations with PayPal <= 1.5.2 - Open Redirect
CVE-2025-68602
Network Scanner

Medium(4.7)

No
Glances - Information Disclosure
CVE-2026-30928
Network Scanner

High(7.5)

No
CP Image Store with Slideshow <= 1.0.67 - SQL Injection
CVE-2022-1692
Network Scanner

Critical(9.8)

No
Cost Calculator Builder <= 3.2.15 - SQL Injection
CVE-2024-43144
Network Scanner

Critical(9.8)

No
wpForo Forum <= 2.4.14 - SQL Injection
CVE-2026-1581
Network Scanner

High(7.5)

No
BMC FootPrints - Authentication Bypass
CVE-2025-71257
Network Scanner

Medium(6.5)

No
BMC FootPrints 'searchWeb' - Server-Side Request Forgery
CVE-2025-71258
Network Scanner

High(8.6)

No
Glances - Information Disclosure
CVE-2026-32596
Network Scanner

High(7.5)

No
Brickcom Camera - Unauthenticated Snapshot AccessNetwork Scanner

High

No
Webnus Inc. Modern Events Calendar - Broken Access Control
CVE-2026-32583
Network Scanner

Medium(5.3)

No
Apache Polaris - Default LoginNetwork Scanner

High

No
Ghost CMS Installation Setup - ExposureNetwork Scanner

High

No
Apache Polaris - Information DisclosureNetwork Scanner

Medium

No
BMC FootPrints 'feedUrl' - Server-Side Request Forgery
CVE-2025-71259
Network Scanner

High(8.6)

No
MindsDB - Remote Code Execution
CVE-2026-27483
Network Scanner

High(8.8)

No
URL Shortify <= 1.12.1 - Open Redirect
CVE-2026-1277
Network Scanner

Medium(4.7)

No
Prodigy Commerce <= 3.3.0 - Local File Inclusion
CVE-2026-0926
Network Scanner

Critical(9.8)

No
AnythingLLM - Information Disclosure
CVE-2026-24477
Network Scanner

High(7.5)

No