Pentest Advisories

Our latest advisories

Take a look at the latest advisories from the security consultants at Pentest.

CVE

Impact

Researcher

Date

Product

Additional info

CVE-2023-21516

RCE

Sam Thomas

June 2023

Samsung Galaxy S22

CVE-2022-29842

RCE

Sam Thomas

June 2023

Western Digital MyCloud PR4100

CVE-2022-29840

Server-Side Request Forgery

Sam Thomas

June 2023

Western Digital MyCloud PR4100

CVE-2022-36326

Denial-of-Service

Sam Thomas

June 2023

Western Digital MyCloud PR4100

CVE-2022-1517

Execution with unnecessary privileges

Scott Laurie

June 2022

Illumina

CVE-2022-1518

Path traversal

Scott Laurie

June 2022

Illumina

CVE-2022-1519

Unrestricted upload of file

Scott Laurie

June 2022

Illumina

CVE-2022-1521

Improper access controls

Scott Laurie

June 2022

Illumina

CVE-2022-1524

Cleartext transmission of sensitive info

Scott Laurie

June 2022

Illumina

CVE-2021-37168

XSS

Nour Alomary

May 2022

SoPlanning

CVE-2021-37169

SQLi

Nour Alomary

May 2022

SoPlanning

CVE-2021-37170

SQLi

Nour Alomary

May 2022

SoPlanning

CVE-2021-37171

XSS

Nour Alomary

May 2022

SoPlanning

CVE-2022-44082

XSS to RCE

Paul Ritchie

March 2022

Textpattern CMS

CVE-2021-42215

XSS

Sam Moore

October 2021

OpenCMS

CVE-2021-42214

Denial of Service

Paul Ritchie

October 2021

OpenCMS

CVE-2021-42213

XSS

Paul Ritchie

October 2021

OpenCMS

CVE-2021-42212

XSS

Paul Ritchie

October 2021

OpenCMS

CVE-2021-42211

XSS

Paul Ritchie

October 2021

OpenCMS

CVE-2021-42210

XSS

Paul Ritchie

October 2021

OpenCMS

CVE-2021-42209

XSS

Paul Ritchie

October 2021

OpenCMS

CVE-2021-42208

Unvalidated Redirect

Paul Ritchie

October 2021

OpenCMS

CVE-2021-42207

Unvalidated Redirect

Sam Moore

October 2021

OpenCMS

CVE-2021-42206

Clickjacking

Paul Ritchie

October 2021

OpenCMS

CVE-2021-27980

Authentication Bypass

Paul Ritchie

May 2021

Fedena School Management Software

CVE-2021-27974

RCE

Chris Young

May 2021

Fedena School Management Software

CVE-2021-27979

SQL Injection

Chadwick Jam

May 2021

Fedena School Management Software

CVE-2021-27976

Broken Access Controls

Chadwick Jam

May 2021

Fedena School Management Software

CVE-2021-27975

XSS

Chadwick Jam

May 2021

Fedena School Management Software

CVE-2021-27977

XSS

Chris Young

May 2021

Fedena School Management Software

CVE-2021-27978

XSS

Chris Young

May 2021

Fedena School Management Software 

CVE-2020-28970

RCE

Sam Thomas

December 2020

Western Digital – My Cloud OS 5

CVE-2020-13664

RCE

Sam Thomas
Lorenzo Grespan

June 2020

Drupal Core

CVE-2020-4046

XSS to RCE

Sam Thomas

June 2020

WordPress Core

CVE-2020-10243

SQLi

Sam Thomas

March 2020

Joomla! CMS

CVE-2020-8498

XSS

Paul Ritchie
Sam Thomas

January 2020

GistPress WordPress plugin

CVE-2020-7055

RCE

Sam Thomas
Kyle Fleming

January 2020

Elementor WordPress plugin

CVE-2019-15780

RCE

Sam Thomas
Nour Alomary

August 2019

Formidable WordPress plugin

Looking for more than just a test provider?

Get in touch with our experienced team and find out more about how we can help you obtain the information security confidence you require.