Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.418 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 166 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.418

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
Fortinet FortiWeb - SQL Injection CVE-2025-25257	Network Scanner	Aug 5, 2025	Critical(9.8)	No
Apache Tomcat - Directory Listing Enabled	Network Scanner	Aug 4, 2025	N/A	No
Simple User Registration <= 6.3 - Unauthenticated Privilege Escalation CVE-2025-4334	Network Scanner	Aug 2, 2025	Critical(9.8)	No
White Star Software ProTop - Directory Traversal CVE-2025-44177	Network Scanner	Aug 1, 2025	High(8.2)	No
Artica Proxy - Unauthenticated LFI CVE-2024-2053	Network Scanner	Aug 1, 2025	High(7.5)	No
Apache InLong - Default Login	Network Scanner	Jul 31, 2025	N/A	No
EasyCVR User - Information Disclosure	Network Scanner	Jul 31, 2025	N/A	No
EasyCVR <=2.1.2 - Information Disclosure CVE-2025-1595	Network Scanner	Jul 31, 2025	Medium(5.3)	No
XWiki 15.9-rc-1 < 15.10.8, 16.0.0-rc-1 < 16.2.0 RCE Vulnerability (GHSA-mvgm-3rw2-7j4r) CVE-2025-32974	Network Scanner	Jul 30, 2025	Critical(9)	No
XWiki 4.5.1 < 15.10.13, 16.0.0-rc-1 < 16.4.4, 16.5.0-rc-1 < 16.8.0 Incorrect Authorization Vulnerability (GHSA-987p-r3jc-8c8v) CVE-2025-32971	Network Scanner	Jul 30, 2025	Low(3.8)	No
XWiki 15.9-rc-1 < 15.10.16, 16.0.0-rc-1 < 16.4.7, 16.5.0-rc-1 < 16.10.2 XSS Vulnerability (GHSA-j7p2-87q3-44w7) CVE-2025-49587	Network Scanner	Jul 30, 2025	N/A	No
XWiki 11.10.11 < 16.4.7, 16.5.0-rc-1 < 16.10.3, 17.0.0-rc-1 < 17.0.0 RCE Vulnerability (GHSA-9875-cw22-f7cx) CVE-2025-49581	Network Scanner	Jul 30, 2025	N/A	No
XWiki 15.9-rc-1 < 16.4.7, 16.5.0-rc-1 < 16.10.3, 17.0.0-rc-1 < 17.0.0 RCE Vulnerability (GHSA-c32m-27pj-4xcj) CVE-2025-49582	Network Scanner	Jul 30, 2025	N/A	No
XWiki 15.3-rc-1 < 15.10.14, 16.0.0-rc-1 < 16.4.6, 16.5.0-rc-1 < 16.10.0 Missing Authorization Vulnerability (GHSA-f9c6-2f9p-82jj) CVE-2025-46557	Network Scanner	Jul 30, 2025	N/A	No
XWiki 13.5-rc-1 < 15.10.13, 16.0.0-rc-1 < 16.4.4, 16.5.0-rc-1 < 16.8.0 Open Redirect Vulnerability (GHSA-pjhg-9wr9-rj96) CVE-2025-32970	Network Scanner	Jul 30, 2025	Medium(6.1)	No
WordPress Information Disclosure Vulnerability (July 2025) - Windows CVE-2025-54352	Network Scanner	Jul 30, 2025	Low(3.7)	No
OpenMetadata - Default Login	Network Scanner	Jul 30, 2025	N/A	No
Bonita Web 2021.2 - Authentication/Authorization Bypass CVE-2022-25237	Network Scanner	Jul 30, 2025	Critical(9.8)	No
XWiki 7.4.5 < 8.0, 8.2 < 16.4.7, 16.5.0-rc-1 < 16.10.4, 17.0.0-rc-1 < 17.1.0 Privilege Escalation Vulnerability (GHSA-jm43-hrq7-r7w6) CVE-2025-49580	Network Scanner	Jul 30, 2025	N/A	No
Open Redirect via Organization Switching CVE-2025-6197	Network Scanner	Jul 30, 2025	Medium(4.2)	No
MikroTik RouterOS <= 7.19.3 Access Control Vulnerability CVE-2025-6443	Network Scanner	Jul 30, 2025	High(7.2)	No
Sonos Era < 83.1-61240 RCE Vulnerability CVE-2025-1051	Network Scanner	Jul 30, 2025	High(8.8)	No
Emby Server < 4.8.9 XSS Vulnerability CVE-2025-46383	Network Scanner	Jul 30, 2025	Medium(6.1)	No
Apache HTTP Server 2.4.64 RewriteCond Vulnerability - Windows CVE-2025-54090	Network Scanner	Jul 30, 2025	Medium(6.3)	No
Emby Server <= 4.8 Multiple Vulnerabilities CVE-2025-46384 CVE-2025-46385	Network Scanner	Jul 30, 2025	High(8.6)	No