Skip to main content
HomePentest-Tools.com Logo

Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities that can be detected with Pentest-Tools.com and the exploits that are currently available in the platform.

We detect more than 11.151 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 131 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 11.151

Pentest-Tools.com Vulnerabilities
Name
CVE
Detectable
with
Detection added
Severity
CVSSv3
score
Exploitable
with Sniper
NextGen Healthcare Mirth Connect - Remote Code Execution
CVE-2023-43208
Network Scanner

High

9.8No
Academy LMS 6.0 - Cross-Site Scripting
CVE-2023-38964
Network Scanner

Medium

6.1No
EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure
CVE-2024-0235
Network Scanner

Medium

5.3No
WordPress Automatic Plugin <= 3.92.0 - SQL Injection
CVE-2024-27956
Network Scanner

High

9.9No
SuperWebMailer 9.31.0.01799 - Cross-Site Scripting
CVE-2024-24131
Network Scanner

Medium

6.1No
CData API Server < 23.4.8844 - Path Traversal
CVE-2024-31849
Network Scanner

High

9.8No
Netmaker - Hardcoded DNS Secret Key
CVE-2023-32077
Network Scanner

High

7.5No
Sidekiq < 7.0.8 - Cross-Site Scripting
CVE-2023-1892
Network Scanner

High

8.3No
Gradio - Server Side Request Forgery
CVE-2024-1183
Network Scanner

Medium

6.5No
Modoboa < 2.1.0 - Improper Authorization
CVE-2023-2227
Network Scanner

High

9.1No
RaidenMAILD Mail Server v.4.9.4 - Path Traversal
CVE-2024-32399
Network Scanner

High

---No
Flowise 1.6.5 - Authentication Bypass
CVE-2024-31621
Network Scanner

High

---No
Academy LMS 6.2 - Cross-Site Scripting
CVE-2023-4973
Network Scanner

Medium

6.1No
OpenEMR < 7.0.1 - Cross-Site Scripting
CVE-2023-2948
Network Scanner

Medium

6.1No
OpenEMR < 7.0.1 - Cross-site Scripting
CVE-2023-2949
Network Scanner

Medium

6.1No
Cassia Gateway Firmware - Remote Code Execution
CVE-2023-31446
Network Scanner

High

9.8No
Progress Kemp Flowmon - Command Injection
CVE-2024-2389
Network Scanner

High

10No
Cybersecurity Infrastructure Security Agency (CISA)GlobalProtect - OS Command Injection
CVE-2024-3400
Network Scanner

High

10No
AudioCodes Device Manager Express - SQL Injection
CVE-2022-24627
Network Scanner

High

9.8No
LoadMaster - Remote Code Execution
CVE-2024-1212
Network Scanner

High

10Yes
OpenSSH Terrapin Attack - Detection
CVE-2023-48795
Network Scanner

Medium

5.9No
GoAnywhere MFT - Authentication Bypass
CVE-2024-0204
Network Scanner

High

9.8Yes
ReCrystallize Server - Authentication Bypass
CVE-2024-26331
Network Scanner

High

---No
Popup by Supsystic < 1.10.9 - Subscriber Email Addresses Disclosure
CVE-2022-0424
Network Scanner

Medium

5.3No
Travelpayouts <= 1.1.16 - Open Redirect
CVE-2024-0337
Network Scanner

Medium

---No