Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.269 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 177 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Is exploitable with Sniper

Is in CISA catalog

Detectable with

Displaying 1 - 25 results out of 16.127

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
User Role Editor - Full Path Disclosure	Network Scanner	Jan 1, 2026	Low	No
Bash Configuration - Exposure	Network Scanner	Jan 1, 2026	Low	No
WordPress Easy Digital Downloads <= 3.2.12 - SQL Injection CVE-2024-5057	Network Scanner	Jan 1, 2026	Critical(9.8)	No
Rails/Ruby Console History - Exposure	Network Scanner	Dec 31, 2025	Medium	No
phpLDAPadmin <= 1.2.3 - Reflected XSS CVE-2017-11107	Network Scanner	Dec 31, 2025	Medium(6.1)	No
WordPress Newsletter - Log File Exposure	Network Scanner	Dec 31, 2025	Medium	No
LibreChat <= 0.7.9 - HTML Injection via Accept-Language Header CVE-2025-8848	Network Scanner	Dec 31, 2025	Medium(5.4)	No
Makefile - Exposure	Network Scanner	Dec 31, 2025	Low	No
Zimbra Collaboration - Local File Inclusion CVE-2025-68645	Network Scanner	Dec 31, 2025	High(8.8)	No
Kaswara Modern VC Addons <= 3.0.1 - Missing Authorization CVE-2021-4448	Network Scanner	Dec 31, 2025	High(7.3)	No
Flow Configuration - Exposure	Network Scanner	Dec 30, 2025	Medium	No
MongoDB Server - Information Disclosure (MongoBleed) CVE-2025-14847	Network Scanner	Dec 30, 2025	High(7.5)	No
WordPress Custom Post Type UI - Full Path Disclosure	Network Scanner	Dec 30, 2025	Medium	No
YITH WooCommerce Ajax Search <= 2.4.0 - Cross-Site Scripting CVE-2024-4455	Network Scanner	Dec 30, 2025	High(7.2)	No
JFrog Artifactory Build - Exposure	Network Scanner	Dec 30, 2025	Medium	No
Roundcube Webmail Installer - Exposure	Network Scanner	Dec 30, 2025	High	No
Ultimate Addons for Elementor <= 1.24.1 - Registration Bypass CVE-2020-13125	Network Scanner	Dec 30, 2025	High(7.2)	No
AWStats <= 7.5 - Full Path Disclosure CVE-2018-10245	Network Scanner	Dec 30, 2025	Medium(5.3)	No
Jetpack < 6.5 - Stored Cross-Site Scripting	Network Scanner	Dec 30, 2025	Medium	No
Social Auto Poster <= 5.3.14 - Stored Cross-Site Scripting CVE-2024-6753	Network Scanner	Dec 30, 2025	High(7.2)	No
Kubernetes API Server - YAML Parsing DoS (Billion Laughs) CVE-2019-11253	Network Scanner	Dec 30, 2025	High(7.5)	No
Python Requirements File Disclosure	Network Scanner	Dec 30, 2025	Medium	No
Instagram Feed < 1.6 - Cross-Site Scripting	Network Scanner	Dec 29, 2025	Medium	No
Emby Server - Authentication Bypass CVE-2023-33193	Network Scanner	Dec 28, 2025	Critical(9.1)	No
WordPress Plugin iThemes Security - Full Path Disclosure	Network Scanner	Dec 27, 2025	Low	No