Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.134 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 164 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.134

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
SolarWinds Security Event Manager - Unauthenticated RCE CVE-2024-0692	Network Scanner	Jun 8, 2025	High(8.8)	No
D-Link DIR-605 - Information Disclosure CVE-2021-40655	Network Scanner	Jun 8, 2025	High(7.5)	No
TotoLink Router setMacFilterRules - Command Injection CVE-2024-24328	Network Scanner	Jun 8, 2025	Critical(9.8)	No
Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover CVE-2025-4322	Network Scanner	Jun 7, 2025	Critical(9.8)	No
Apache Spark UI - Cross-Site Scripting CVE-2018-8024	Network Scanner	Jun 6, 2025	Medium(6.1)	No
Apache Spark Application UI - Exposed	Network Scanner	Jun 6, 2025	Medium	No
Roundcube Webmail - Remote Code Execution CVE-2025-49113	Network Scanner	Jun 6, 2025	Critical(9.9)	No
ProfilePress < 3.1.11 - Cross-Site Scripting CVE-2021-24522	Network Scanner	Jun 5, 2025	Medium(5.4)	No
Netis MW5360 V1.0.1.3031 - Command Injection CVE-2024-22729	Network Scanner	Jun 4, 2025	Critical(9.8)	No
Intelbras NPLUG 1.0.0.14 - Authentication Bypass CVE-2018-12455	Network Scanner	Jun 4, 2025	High(8.1)	No
TP-Link TL-WR840N - Command Injection CVE-2022-25061	Network Scanner	Jun 4, 2025	Critical(9.8)	No
NextcloudPi Dashboard - Exposed	Network Scanner	Jun 4, 2025	High	No
ImpressCMS < 1.4.3 - SQL Injection CVE-2021-26599	Network Scanner	Jun 4, 2025	Critical(9.8)	No
Intelbras WRN 150 - Authentication Bypass CVE-2017-14942	Network Scanner	Jun 4, 2025	Critical(9.8)	No
CrafterCMS Engine - Cross-Site Scripting CVE-2023-4136	Network Scanner	Jun 3, 2025	Medium(6.1)	No
Cisco IOS XE WLC - Arbitrary File Upload CVE-2025-20188	Network Scanner	Jun 3, 2025	Critical(10)	No
FLIR AX8 1.46.16 - Remote Command Injection CVE-2022-37061	Network Scanner	Jun 3, 2025	Critical(9.8)	No
PublishPress Capabilities < 2.3.1 - Missing Authorization CVE-2021-25032	Network Scanner	Jun 3, 2025	Critical(9.8)	No
Craft CMS - Remote Code Execution CVE-2024-56145	Network Scanner	Jun 2, 2025	Critical(9.8)	Yes
TotoLink Router setPortForwardRules - Command Injection CVE-2024-24329	Network Scanner	Jun 2, 2025	Critical(9.8)	No
Intelbras TIP200/TIP200LITE/TIP300 - Cross-Site Scripting CVE-2020-12262	Network Scanner	May 31, 2025	Medium(5.4)	No
WP Hotel Booking < 1.10.4 - PHP Object Injection CVE-2020-29047	Network Scanner	May 31, 2025	Critical(9.8)	No
tshirtecommerce PrestaShop Module - SQL Injection CVE-2023-27638	Network Scanner	May 31, 2025	Critical(9.8)	No
Palo Alto Networks Expedition - OS Command Injection CVE-2025-0107	Network Scanner	May 31, 2025	Critical(9.8)	No
WordPress Plugin Adning Advertising < 1.5.6 - Arbitrary File Upload CVE-2020-36728	Network Scanner	May 31, 2025	Medium(6.5)	No