Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
22,467 exploits
Exploit-DB
KiTTY 0.76.1.13 - Command Injection
KiTTY versions 0.76.1.13 and before is vulnerable to command injection via the filename variable, occurs due to insuffic
41RISK
open ↗Exploit-DB
GitLab CE/EE < 16.7.2 - Password Reset
Weak Password Recovery Mechanism for Forgotten Password in GitLab
100RISK
open ↗Exploit-DB
Honeywell PM43 < P10.19.050004 - Remote Code Execution (RCE)
Printer web page invalid command execution
75RISK
open ↗Exploit-DB
Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution (RCE)
Viessmann Vitogate 300 direct request
38RISK
open ↗Exploit-DB
JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE)
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
100RISK
open ↗Exploit-DB
KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow
KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the username, occurs due to insuf
41RISK
open ↗Exploit-DB
Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution (RCE)
Viessmann Vitogate 300 Web Management Interface vitogate.cgi isValidUser hard-coded password
70RISK
open ↗Exploit-DB
KiTTY 0.76.1.13 - 'Start Duplicated Session Hostname' Buffer Overflow
KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the hostname, occurs due to insuf
41RISK
open ↗Exploit-DB
DataCube3 v1.0 - Unrestricted file upload 'RCE'
F-logic DataCube3 v1.0 is vulnerable to Incorrect Access Control due to an improper directory access restriction. An una
53RISK
open ↗Exploit-DB
Akaunting < 3.1.3 - RCE
An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can manipulate the company loc
60RISK
open ↗Exploit-DB
Ladder v0.0.21 - Server-side request forgery (SSRF)
An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to obtain sensitive information via a crafted request
41RISK
open ↗Exploit-DB
DataCube3 v1.0 - Unrestricted file upload 'RCE'
F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to
46RISK
open ↗Exploit-DB
Numbas < v7.3 - Remote Code Execution
Numbas editor before 7.3 mishandles editing of themes and extensions.
38RISK
open ↗Exploit-DB
Hide My WP < 6.2.9 - Unauthenticated SQLi
Hide My WP < 6.2.9 - Unauthenticated SQLi
48RISK
open ↗Exploit-DB
Petrol Pump Management Software v1.0 - 'Address' Stored Cross Site Scripting
Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code
33RISK
open ↗Exploit-DB
Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file
Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code
33RISK
open ↗Exploit-DB
Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload
File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a cra
53RISK
open ↗Exploit-DB
Petrol Pump Management Software v.1.0 - SQL Injection
SQL Injection vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a c
53RISK
open ↗Exploit-DB
Wyrestorm Apollo VX20 < 1.3.58 - Account Enumeration
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only a
41RISK
open ↗Exploit-DB
Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'DoS'
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /d
41RISK
open ↗Exploit-DB
Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'Credentials Disclosure'
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext password
75RISK
open ↗Exploit-DB
SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration
Bypassing CAPTCHA & Enumerating Usernames via Password Reset Page
33RISK
open ↗Exploit-DB
BoidCMS v2.0.0 - authenticated file upload vulnerability
File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header t
50RISK
open ↗Exploit-DB
Clcknshop 1.0.0 - SQL Injection
Infosoftbd Clcknshop GET Parameter all sql injection
45RISK
open ↗Exploit-DB
Minio 2022-07-29T19-40-48Z - Path traversal
Authenticated requests for server update admin API allows path traversal in minio
53RISK
open ↗Exploit-DB
Cacti 1.2.24 - Authenticated command injection when using SNMP options
Authenticated command injection in SNMP options of a Device
63RISK
open ↗Exploit-DB
Splunk 9.0.5 - admin account take over
‘edit_user’ Capability Privilege Escalation
78RISK
open ↗Exploit-DB
Media Library Assistant Wordpress Plugin - RCE and LFI
Media Library Assistant <= 3.09 - Unauthenticated Local/Remote File Inclusion & Remote Code Execution
85RISK
open ↗Exploit-DB
Wordpress Plugin Masterstudy LMS - 3.0.17 - Unauthenticated Instructor Account Creation
MasterStudy LMS < 3.0.18 - Unauthenticated Instructor Account Creation
41RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.