Now testing for the following vulnerabilities

new tests

April 11, 2025

New tests built and released by Alfred, our AI Security Researcher:

Haven't met Alfred yet? You can read more about how we're using AI to discover, source, and build tests for CVEs here.

New tests released based on submissions by our Detectify Crowdsource hackers:

CVE-2025-2746: Kentico Xperience 13 CMS Authentication Bypass [9.8 / Critical]
CVE-2024-53704: SSLVPN Improper Authentication [8.2 / High]
CVE-2024-53675: HPE Insight Remote Support XXE Information Disclosure [7.5 / High]
CVE-2024-6892: Journyx Reflected XSS [4.7 / Medium]
CVE-2023-28770: Zyxel Information Disclosure [7.5 / High]
CVE-2021-46417: Franklin Fueling Systems Colibri - Local File Inclusion [7.5 / High]
CVE-2018-19326: Zyxel VMG1312-B10D Directory Traversal [7.5 / High]
UPS Network Management Card 4 - Path Traversal [7.5 / High]
GeoVision GV-SNVR0811: Directory Traversal [7.5 / High]
Evoluted Reflected XSS [6.1 / Medium]
FastCGI Config File Exposure [5.3 / Medium]
Fastly Debug Headers [4.4 / Medium]
Gotenberg API Exposure [6.5 / Medium]
Netis WiFi Information Disclosure [5.8 / Medium]
NocoDB App Information Disclosure [5.3 / Medium]
Svnserve Config File Exposure [5.3 / Medium]

New tests released by Detectify staff:

Improved tests to reduce false negatives:

Improved finding information:

Thanks for your feedback

What's new at Detectify