Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
4,187 exploits
Nucleimedium
Netsweeper 4.0.3 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in webadmin/policy/group_table_ajax.php/ in Netsweeper before 3.1.10, 4.0.x bef
18RISK
open ↗Nucleimedium
Netsweeper 4.0.8 - Directory Traversal
Directory traversal vulnerability in webadmin/reporter/view_server_log.php in Netsweeper before 3.1.10, 4.0.x before 4.0
23RISK
open ↗Nucleicritical
Netsweeper 4.0.5 - Default Weak Account
The Web Panel in Netsweeper before 4.0.5 has a default password of branding for the branding account, which makes it eas
30RISK
open ↗Nucleimedium
Netsweeper 4.0.4 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in Netsweeper 4.0.4 allows remote attackers to inject arbitrary web script or H
18RISK
open ↗Nucleimedium
Netsweeper 3.0.6 - Open Redirection
Open redirect vulnerability in remotereporter/load_logfiles.php in Netsweeper before 4.0.5 allows remote attackers to re
18RISK
open ↗Nucleicritical
Netsweeper - Authentication Bypass
The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote att
60RISK
open ↗Nucleihigh
WordPress RevSlider - Remote Code Execution via File Upload
The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier
60RISK
open ↗Nucleicritical
ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure
The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6 does not properly rest
50RISK
open ↗Nucleihigh
WordPress Candidate Application Form <= 1.3 - Local File Inclusion
Remote file download vulnerability in candidate-application-form v1.0 wordpress plugin
18RISK
open ↗Nucleihigh
WordPress Simple Image Manipulator < 1.0 - Local File Inclusion
Remote file download in simple-image-manipulator v1.0 wordpress plugin
18RISK
open ↗Nucleihigh
WordPress MyPixs <=0.3 - Local File Inclusion
Local File Inclusion Vulnerability in mypixs v0.3 wordpress plugin
18RISK
open ↗Nucleicritical
Xdebug <= 2.5.5 - Command Injection
Xdebug Remote Debugger Unauthenticated OS Command Execution
63RISK
open ↗Nucleihigh
ElasticSearch - Remote Code Execution
The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the s
100RISK
open ↗Nucleihigh
IceWarp Mail Server <11.1.1 - Directory Traversal
Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary
50RISK
open ↗Nucleimedium
WordPress Slider Revolution - Local File Disclosure
Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitra
43RISK
open ↗Nucleicritical
Microsoft Windows 'HTTP.sys' - Remote Code Execution
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold an
100RISK
open ↗Nucleimedium
Fortinet FortiOS <=5.2.3 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote a
23RISK
open ↗Nucleihigh
WP Attachment Export < 0.2.4 - Unrestricted File Download
WP Attachment Export < 0.2.4 - Unauthenticated Posts Download
18RISK
open ↗Nucleimedium
Magento Server MAGMI - Directory Traversal
Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento
50RISK
open ↗Nucleimedium
Magento Server Mass Importer - Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka Magento Mass Importer) plugin for Magento Server a
43RISK
open ↗Nucleihigh
Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive informat
60RISK
open ↗Nucleimedium
Ericsson Drutt MSDP - Local File Inclusion
Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5
43RISK
open ↗Nucleihigh
WordPress Spider Calendar <=1.4.9 - SQL Injection
SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQ
43RISK
open ↗Nucleimedium
WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting
Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin before 4.0 for Wo
18RISK
open ↗Nucleicritical
DotNetNuke 07.04.00 - Administration Authentication Bypass
The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote attackers to reinstall the application and gain S
60RISK
open ↗Nucleimedium
Navis DocumentCloud <0.1.1 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress a
18RISK
open ↗Nucleimedium
Kaseya Virtual System Administrator - Open Redirect
Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 b
43RISK
open ↗Nucleihigh
SysAid Help Desk <15.2 - Local File Inclusion
Multiple directory traversal vulnerabilities in SysAid Help Desk before 15.2 allow remote attackers to (1) read arbitrar
60RISK
open ↗Nucleihigh
TP-LINK - Local File Inclusion
Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before
100RISK
open ↗Nucleimedium
Ruby on Rails Web Console - Remote Code Execution
request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-
50RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.