Skip to main content

Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 16.973 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 190 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 16.831

Pentest-Tools.com Vulnerabilities
Name
Detectable with
Detection added
Severity
Exploitable
with Sniper
cPanel & WHM - Authentication Bypass via Session-File CRLF Injection
CVE-2026-41940
Network Scanner

Critical(9.8)

No
Weglot API Key - ExposedNetwork Scanner

Medium

No
Blinko < 1.8.4 - Path Traversal
CVE-2026-23482
Network Scanner

High(7.5)

No
Blinko <= 1.8.3 - Path Traversal via /plugins
CVE-2026-23483
Network Scanner

Medium(5.3)

No
Mesop AI Sandbox <= 1.2.2 - Remote Code Execution
CVE-2026-33057
Network Scanner

Critical(9.8)

No
Cybersecurity Infrastructure Security Agency (CISA)Langflow < 1.9.0 - Remote Code Execution
CVE-2026-33017
Network Scanner

Critical(9.8)

No
FormLift for Infusionsoft Web Forms <= 7.5.17 - SQL Injection
CVE-2024-38773
Network Scanner

Critical(10)

No
MaNGOSWebV4 < 4.0.8 - Cross-Site Scripting
CVE-2017-6478
Network Scanner

Medium(6.1)

No
Breeze <= 2.4.4 - Arbitrary File Upload
CVE-2026-3844
Network Scanner

Critical(9.8)

No
Video Conferencing with Zoom API < 4.6.6 - Unauthenticated SDK Signature Generation
CVE-2026-1368
Network Scanner

High(7.5)

No
ProFTPD mod_sql - Preauth User Backdoor
CVE-2026-42167
Network Scanner

Critical(9.8)

No
RosarioSIS 6.7.2 - Cross-Site Scripting
CVE-2020-15718
Network Scanner

Medium(6.1)

No
Blinko <= 1.8.3 - User Information Leak
CVE-2026-23486
Network Scanner

Medium(5.3)

No
WordPress Gerencianet Oficial <= 3.1.3 - Unauthenticated Order Status Disclosure
CVE-2025-59136
Network Scanner

Medium(5.3)

No
RestroPress 3.0.0-3.2.1 - Authentication Bypass
CVE-2025-9209
Network Scanner

Critical(9.8)

No
WordPress 3D FlipBook Plugin <= 1.16.17 - Sensitive Information Exposure
CVE-2025-58226
Network Scanner

Medium(5.3)

No
NocoBase - SQL Injection
CVE-2026-41640
Network Scanner

High(7.5)

No
WooCommerce Designer Pro <= 1.9.28 - Arbitrary File Read
CVE-2025-10897
Network Scanner

High(8.6)

No
Ajax Load More < 7.6.1 - Unauthenticated Sensitive Information Exposure
CVE-2025-59582
Network Scanner

Medium(5.3)

No
NocoBase - SQL Injection
CVE-2026-41641
Network Scanner

High(7.2)

No
Export WP Page to Static HTML <= 4.3.4 - Cookie Exposure
CVE-2025-11693
Network Scanner

Critical(9.8)

No
Simply Static - Information Disclosure
CVE-2024-32825
Network Scanner

Medium(7.5)

No
Avid NEXIS Agent - Arbitrary File Read
CVE-2024-26291
Network Scanner

High(7.5)

No
LiteLLM - Arbitrary File Read
CVE-2026-35029
Network Scanner

High(8.8)

No
Filestash - Installer ExposureNetwork Scanner

High

No