Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.908 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 190 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 16.908

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
DbGate Anonymous Access	Network Scanner	Apr 16, 2026	High	No
Cockpit Web Console < 360 - Remote Code Execution CVE-2026-4631	Network Scanner	Apr 16, 2026	Critical(9.8)	No
Reflected Odoo - Open Redirect	Network Scanner	Apr 16, 2026	Low	No
User Registration & Membership WordPress plugin - Open Redirect CVE-2026-6203	Network Scanner	Apr 15, 2026	Medium(6.1)	No
AstrBot <= 4.22.1 - Command Injection CVE-2026-6118	Network Scanner	Apr 15, 2026	High(8.8)	No
Flowise - NVIDIA NIM Endpoints Missing Authentication CVE-2026-30824	Network Scanner	Apr 15, 2026	High(8.6)	No
Team WordPress Plugin (TLP Team) <= 5.0.9 - SQL Injection CVE-2025-14124	Network Scanner	Apr 15, 2026	High(8.6)	No
LoLLMs WEBUI - Server-Side Request Forgery CVE-2026-33340	Network Scanner	Apr 15, 2026	Critical(9.1)	No
WCAPF WooCommerce Ajax Product Filter - SQL Injection CVE-2026-3396	Network Scanner	Apr 15, 2026	High(7.5)	No
Cisco Secure Firewall Management Center - Authentication Bypass CVE-2026-20079	Network Scanner	Apr 14, 2026	Critical(10)	No
HT Mega < 3.0.7 - Sensitive Information Disclosure CVE-2026-4106	Network Scanner	Apr 14, 2026	High(7.5)	No
Geo Mashup <= 1.13.17 - SQL Injection CVE-2026-2416	Network Scanner	Apr 14, 2026	High(7.5)	No
AstrBot - Default Login	Network Scanner	Apr 14, 2026	High	No
ComfyUI-Manager < 3.38 - Configuration Overwrite CVE-2025-67303	Network Scanner	Apr 14, 2026	Critical(9.8)	No
WordPress CBX Bookmark & Favorite Plugin <= 2.0.4 - SQL Injection CVE-2025-13652	Network Scanner	Apr 13, 2026	Critical(9.1)	No
FreeScout Installer Exposure	Network Scanner	Apr 13, 2026	High	No
Spring Framework Path Traversal in Functional Web Frameworks CVE-2024-38819	Network Scanner	Apr 13, 2026	High(7.5)	No
EventON Lite <= 2.4 - Authenticated Local File Inclusion CVE-2025-32614	Network Scanner	Apr 13, 2026	High(8.8)	No
WordPress WPCOM Member <= 1.7.6 - SQL Injection CVE-2025-2221	Network Scanner	Apr 13, 2026	High(7.5)	No
WSO2 - Server Side Request Forgery CVE-2025-5350	Network Scanner	Apr 13, 2026	Medium(5.9)	No
Leantime - Unfinished Installation	Network Scanner	Apr 11, 2026	High	No
Devtron JavaScript Environment Configuration - Exposure	Network Scanner	Apr 11, 2026	Low	No
AntD Admin - Sensitive Information Disclosure CVE-2021-46371	Network Scanner	Apr 11, 2026	High(7.5)	No
WordPress File Manager <= 7.2.1 - Directory Traversal CVE-2023-6825	Network Scanner	Apr 10, 2026	Critical(9.9)	No
Chanjet CRM - SQL Injection	Network Scanner	Apr 10, 2026	High	No