Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.650 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 169 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.650

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
All Thrive Themes and Plugins - Unauthenticated Option Update CVE-2021-24219	Network Scanner	Sep 28, 2025	Medium(5.3)	No
EyesOfNetwork - Hardcoded API Key & SQL Injection CVE-2020-8656	Network Scanner	Sep 28, 2025	Critical(9.8)	No
Cellinx NVT Web Server - Local File Disclosure CVE-2023-23063	Network Scanner	Sep 27, 2025	High(7.5)	No
Tolgee API - Misconfiguration Anonymous Access	Network Scanner	Sep 27, 2025	Medium	No
Zimbra Collaboration Suite - SSRF CVE-2019-9621	Network Scanner	Sep 27, 2025	High(7.5)	No
EOL Debian OpenSSH	Network Scanner	Sep 27, 2025	Medium	No
Visual Studio Code launch.json Exposure	Network Scanner	Sep 26, 2025	Low	No
SonicWall Email Security <= 10.0.9.x - Unauthenticated Admin Account Creation CVE-2021-20021	Network Scanner	Sep 26, 2025	Critical(9.8)	No
Jeg Elementor Kit < 2.5.7 - Unauthenticated Settings Update CVE-2022-3805	Network Scanner	Sep 25, 2025	High(8.6)	No
The Plus Addons for Elementor Page Builder < 4.1.7 - Authentication Bypass CVE-2021-24175	Network Scanner	Sep 25, 2025	Critical(9.8)	No
mTheme Unus < 2.3 - Directory Traversal CVE-2015-9406	Network Scanner	Sep 25, 2025	High(7.5)	No
Adning Advertising <= 1.5.5 - Arbitrary File Upload CVE-2020-36705	Network Scanner	Sep 25, 2025	Critical(9.8)	No
Spam protection, AntiSpam, FireWall by CleanTalk < 5.153.4 - Unauthenticated Blind SQL Injection CVE-2021-24295	Network Scanner	Sep 25, 2025	High(7.5)	No
tagDiv Composer < 4.2 - Stored Cross-Site Scripting CVE-2023-3169	Network Scanner	Sep 25, 2025	Medium(6.1)	No
Newspaper Theme 6.4–6.7.1 - Privilege Escalation CVE-2016-10972	Network Scanner	Sep 25, 2025	Critical(9.8)	No
wpDiscuz <= 5.3.5 - SQL Injection CVE-2020-13640	Network Scanner	Sep 25, 2025	Critical(9.8)	No
Teleport - Authentication Bypass CVE-2025-49825	Network Scanner	Sep 25, 2025	Critical(9.8)	No
ListingPro < 2.6.1 - Sensitive Data Disclosure CVE-2020-36723	Network Scanner	Sep 25, 2025	Medium(5.3)	No
GoAnywhere - Authentication Bypass CVE-2025-10035	Network Scanner	Sep 25, 2025	Critical(10)	No
Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload CVE-2023-4666	Network Scanner	Sep 25, 2025	Critical(9.8)	No
Better Search Replace < 1.4.5 - PHP Object Injection CVE-2023-6933	Network Scanner	Sep 25, 2025	Critical(9.8)	No
ListingPro < 2.6.1 - Arbitrary Plugin Installation/Activation/Deactivation CVE-2020-36719	Network Scanner	Sep 25, 2025	Critical(9.8)	No
D-Link DIR-300 / DIR-600 RCE Vulnerabilities (Feb 2013) - Active Check CVE-2013-10048 CVE-2013-10069	Network Scanner	Sep 24, 2025	Critical(9.8)	No
ProFTPD Backdoor Unauthorized Access Vulnerability (Dec 2010) - Active Check CVE-2010-20103	Network Scanner	Sep 24, 2025	N/A	No
DELMIA Apriso - Command Injection CVE-2025-6204	Network Scanner	Sep 24, 2025	Critical(9)	No