Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.073 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 177 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Is exploitable with Sniper

Is in CISA catalog

Detectable with

Displaying 1 - 25 results out of 177

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
React Server Components - Remote Code Execution CVE-2025-55182	Network Scanner	Dec 9, 2025	Critical(10)	Yes
Fortinet FortiWeb - Authentication Bypass & Remote Code Execution CVE-2025-64446 CVE-2025-58034	Network Scanner	Dec 2, 2025	Critical(9.8)	Yes
WordPress Simple File List - Unauthenticated RCE CVE-2020-36847	Network Scanner	Nov 25, 2025	Critical(9.8)	Yes
React Native Community CLI development server - Remote Code Execution CVE-2025-11953	Network Scanner	Nov 18, 2025	Critical(9.8)	Yes
ASP.NET Core - Request Smuggling CVE-2025-55315	Network Scanner	Nov 18, 2025	Critical(9.9)	Yes
Oracle E-Business Suite - Remote Code Execution CVE-2025-61882	Network Scanner	Nov 4, 2025	Critical(9.8)	Yes
Magento & Adobe Commerce - Account Takeover CVE-2025-54236	Network Scanner	Oct 15, 2025	Critical(9.1)	Yes
FreePBX - Authentication Bypass leading to SQL Injection & Remote Code Execution CVE-2025-57819	Network Scanner	Sep 30, 2025	Critical(9.8)	Yes
Fortinet FortiSIEM - Remote Code Execution CVE-2025-25256	Network Scanner	Sep 9, 2025	Critical(9.8)	Yes
Microsoft Sharepoint - Authentication Bypass & Remote Code Execution CVE-2025-53771 CVE-2025-49704	Network Scanner	Sep 9, 2025	High(8.8)	Yes
SSH user enumeration CVE-2018-15473	Network Scanner	Aug 19, 2025	Medium(5.3)	Yes
Ivanti Endpoint Manager Mobile - Remote Code Execution CVE-2025-4427	Network Scanner	Jul 1, 2025	High(7.5)	Yes
Wordpress TemplateInvaders - Arbitrary File Upload CVE-2025-47577	Network Scanner	Jun 24, 2025	Critical(10)	Yes
Craft CMS - Remote Code Execution CVE-2024-56145	Network Scanner	Jun 2, 2025	Critical(9.8)	Yes
SMB - Anonymous Write Access	Network Scanner	May 20, 2025	Critical(9.8)	Yes
SMB - Anonymous Access	Network Scanner	Apr 29, 2025	High(8.2)	Yes
Zyxel - Default credentials CVE-2025-0890	Network Scanner	Apr 1, 2025	Critical(9.8)	Yes
WordPress WP File Upload Plugin - Remote Code Execution CVE-2024-11635	Network Scanner	Apr 1, 2025	Critical(9.8)	Yes
Zyxel - Telnet Command Injection CVE-2024-40891	Network Scanner	Apr 1, 2025	High(8.8)	Yes
Wordpress WP Query Console - Remote Code Execution CVE-2024-50498	Network Scanner	Mar 4, 2025	Critical(9.8)	Yes
Craft CMS - Remote Code Execution CVE-2023-41892	Network Scanner	Mar 4, 2025	Critical(9.8)	Yes
Wordpress Really Simple Security - Authentication Bypass CVE-2024-10924	Network Scanner	Feb 18, 2025	Critical(9.8)	Yes
Cleo Harmony, VLTrader and LexiCom - Arbitrary File Read and Write CVE-2024-50623	Network Scanner	Jan 21, 2025	Critical(9.8)	Yes
ProjectSend - Authentication Bypass CVE-2024-11680	Network Scanner	Jan 21, 2025	Critical(9.8)	Yes
CyberPanel - Remote Code Execution CVE-2024-51378	Network Scanner	Jan 14, 2025	Critical(9.8)	Yes