S4E:Equality - Free Vulnerability Scanners

Online pentest tools to scan websites and applications for vulnerabilities, for free.

We have ~1875 tools and adding new each day

Tool Name Desc Asset Verify API
OctoberCMS Authenticated Remote Code Execution Vulnerability CVE-2022-21705 Scanner In OctoberCMS, there is an Authenticated Remote Code Execution vulnerability. Yes Yes
Oracle E-Business - Login Panel Registration Accessible CVE-2022-21500 Scanner Oracle E-Business allows Accessible Login Panel Registration vulnerability. Yes Yes
Drawio - SSRF on /proxy endpoint CVE-2022-1713 Scanner There is a server side request forgery (SSRF) vulnerability in Drawio. Yes Yes
The School Management < 9.9.7 - Remote Code Execution Vulnerability CVE-2022-1609 Scanner In The School Management < 9.9.7, there is a Remote Code Execution vulnerability. Yes Yes
WordPress Plugin WPQA < 5.5 - Unauthenticated Private Message Disclosure CVE-2022-1598 Scanner In WordPress Plugin WPQA < 5.5, there is an Unauthenticated Private Message Disclosure vulnerability. Yes Yes
WPQA < 5.4 - Reflected Cross-Site Scripting (XSS) Vulnerability CVE-2022-1597 Scanner Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload. Yes Yes
Microweber Reflected Cross-Site Scripting (XSS) Vulnerability CVE-2022-1439 Scanner Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload. Yes Yes
Videos sync PDF <= 1.7.4 - Unauthenticated LFI Vulnerability CVE-2022-1392 Scanner There is a local file inclusion vulnerability in Videos sync PDF <= 1.7.4, which allow remote attackers to read arbitrary files. Yes Yes
Gwyn's Imagemap Selector <= 0.3.3 - Reflected Cross-Site Scripting CVE-2022-1221 Scanner Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload. Yes Yes
WordPress Simple File List < 3.2.8 - Arbitrary File Retrieval Vulnerability CVE-2022-1119 Scanner There is an arbitrary file retrieval vulnerability in WordPress Simple File List < 3.2.8, which allow remote attackers to read arbitrary files. Yes Yes
RSVP and Event Management < 2.7.8 - Unauthenticated Entries Export Vulnerability CVE-2022-1054 Scanner RSVP and Event Management < 2.7.8 allows Unauthenticated Entries Export vulnerability. Yes Yes
Sophos Firewall <=18.5 MR3 - Remote Code Execution Vulnerability CVE-2022-1040 Scanner In Sophos Firewall <=18.5 MR3, there is a Remote Code Execution vulnerability. Yes Yes
WordPress WooCommerce <3.1.2 - Arbitrary Function Call Vulnerability CVE-2022-1020 Scanner WordPress WooCommerce <3.1.2 allows Arbitrary Function Call vulnerability. Yes Yes
RevealJS postMessage Cross Site Scripting (XSS) Vulnerability CVE-2022-0776 Scanner Remote attacker can perform a dom based cross site scripting attack (XSS) by injecting malicious payload. Yes Yes
Drag and Drop Multiple File Upload - Contact Form 7 < 1.3.6.3 - Unauthenticated Stored XSS CVE-2022-0595 Scanner Remote attacker can perform a stored cross site scripting attack (XSS) by injecting malicious payload. Yes Yes

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service