S4E:Equality - Free Vulnerability Scanners

Online pentest tools to scan websites and applications for vulnerabilities, for free.

We have ~266 tools and adding new each day

Tool Name Desc Asset Verify API
NeDi 1.9C XSS CVE-2020-14413 Scanner Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload. Yes Yes
Cockpit prior to 0.12.0 NoSQL injection in /auth/newpassword CVE-2020-35848 Scanner Cockpit prior to 0.12.0 allows NoSQL injection vulnerability. Yes Yes
Cockpit prior to 0.12.0 NoSQL injection in /auth/resetpassword CVE-2020-35847 Scanner Cockpit prior to 0.12.0 allows NoSQL injection vulnerability. Yes Yes
Cockpit prior to 0.12.0 NoSQL injection in /auth/check CVE-2020-35846 Scanner Cockpit prior to 0.12.0 allows NoSQL injection vulnerability. Yes Yes
Gridx 1.3 RCE CVE-2020-19625 Scanner In Gridx 1.3, there is a remote code execution vulnerability. Yes Yes
Yii 2 (yiisoft/yii2) RCE CVE-2020-15148 Scanner There is a remote code execution vulnerability in Yii 2. Yes Yes
WordPress Payment Form For Paypal Pro Unauthenticated SQL Injection CVE-2020-14092 Scanner WordPress Payment Form For Paypal Pro allows SQL Injection vulnerability. Yes Yes
acf-to-rest-api wordpress plugin IDOR CVE-2020-13700 Scanner acf-to-rest-api wordpress plugin allows insecure direct object reference - IDOR vulnerability. Yes Yes
Bitrix24 through 20.0.0 allows XSS CVE-2020-13483 Scanner Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload. Yes Yes
Micro Focus UCMDB RCE CVE-2020-11854 Scanner There is a remote code execution vulnerability in Micro Focus UCMDB. Yes Yes
WSO2 Carbon Management Console - XSS CVE-2020-17453 Scanner Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload. Yes Yes
Micro Focus Operation Bridge Manager RCE CVE-2020-11853 Scanner There is a remote code execution vulnerability in Micro Focus Operation Bridge Manager. Yes Yes
FortiLogger Unauthenticated Arbitrary File Upload CVE-2021-3378 Scanner FortiLogger allows unauthenticated arbitrary file upload vulnerability. Yes Yes
Triconsole 3.75 XSS CVE-2021-27330 Scanner Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload. Yes Yes
CRLF Injection - Sercomm VD625 CVE-2021-27132 Scanner SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF Injection vulnerability. Yes Yes

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service