Skip to main content

Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.973 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 190 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 16.973

Pentest-Tools.com Vulnerabilities
Name
Detectable with
Detection added
Severity
Exploitable
with Sniper
Blinko < 1.8.4 - Path Traversal
CVE-2026-23482
Network Scanner

High(7.5)

No
Weglot API Key - ExposedNetwork Scanner

Medium

No
FormLift for Infusionsoft Web Forms <= 7.5.17 - SQL Injection
CVE-2024-38773
Network Scanner

Critical(10)

No
Video Conferencing with Zoom API < 4.6.6 - Unauthenticated SDK Signature Generation
CVE-2026-1368
Network Scanner

High(7.5)

No
Mesop AI Sandbox <= 1.2.2 - Remote Code Execution
CVE-2026-33057
Network Scanner

Critical(9.8)

No
Cybersecurity Infrastructure Security Agency (CISA)Langflow < 1.9.0 - Remote Code Execution
CVE-2026-33017
Network Scanner

Critical(9.8)

No
Blinko <= 1.8.3 - Path Traversal via /plugins
CVE-2026-23483
Network Scanner

Medium(5.3)

No
cPanel & WHM - Authentication Bypass via Session-File CRLF Injection
CVE-2026-41940
Network Scanner

Critical(9.8)

No
Breeze <= 2.4.4 - Arbitrary File Upload
CVE-2026-3844
Network Scanner

Critical(9.8)

No
ProFTPD mod_sql - Preauth User Backdoor
CVE-2026-42167
Network Scanner

Critical(9.8)

No
MaNGOSWebV4 < 4.0.8 - Cross-Site Scripting
CVE-2017-6478
Network Scanner

Medium(6.1)

No
RosarioSIS 6.7.2 - Cross-Site Scripting
CVE-2020-15718
Network Scanner

Medium(6.1)

No
Blinko <= 1.8.3 - User Information Leak
CVE-2026-23486
Network Scanner

Medium(5.3)

No
WordPress Gerencianet Oficial <= 3.1.3 - Unauthenticated Order Status Disclosure
CVE-2025-59136
Network Scanner

Medium(5.3)

No
RestroPress 3.0.0-3.2.1 - Authentication Bypass
CVE-2025-9209
Network Scanner

Critical(9.8)

No
Export WP Page to Static HTML <= 4.3.4 - Cookie Exposure
CVE-2025-11693
Network Scanner

Critical(9.8)

No
NocoBase - SQL Injection
CVE-2026-41641
Network Scanner

High(7.2)

No
WooCommerce Designer Pro <= 1.9.28 - Arbitrary File Read
CVE-2025-10897
Network Scanner

High(8.6)

No
NocoBase - SQL Injection
CVE-2026-41640
Network Scanner

High(7.5)

No
Ajax Load More < 7.6.1 - Unauthenticated Sensitive Information Exposure
CVE-2025-59582
Network Scanner

Medium(5.3)

No
WordPress 3D FlipBook Plugin <= 1.16.17 - Sensitive Information Exposure
CVE-2025-58226
Network Scanner

Medium(5.3)

No
Simply Static - Information Disclosure
CVE-2024-32825
Network Scanner

Medium(7.5)

No
Avid NEXIS Agent - Arbitrary File Read
CVE-2024-26291
Network Scanner

High(7.5)

No
LiteLLM - Arbitrary File Read
CVE-2026-35029
Network Scanner

High(8.8)

No
Filestash - Installer ExposureNetwork Scanner

High

No