Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
4,187 exploits
Nucleimedium
Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting
GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject a
18RISK
open
Nucleihigh
Ncomputing vSPace Pro 10 and 11 - Directory Traversal
An issue was discovered in NcMonitorServer.exe in NC Monitor Server in NComputing vSpace Pro 10 and 11. It is possible t
50RISK
open
Nucleimedium
Zend Server <9.13 - Cross-Site Scripting
Zend Debugger in Zend Server before 9.1.3 has XSS, aka ZSR-2455.
18RISK
open
Nucleimedium
AWStats <= 7.5 - Full Path Disclosure
A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is all
18RISK
open
Nucleimedium
Lantronix SecureLinx Spider (SLS) 2.2+ - Cross-Site Scripting
Lantronix SecureLinx Spider (SLS) 2.2+ devices have XSS in the auth.asp login page.
18RISK
open
Nucleicritical
Dasan GPON Devices - Remote Code Execution
CVE-2018-10562CRITICALunder attackransomware
An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_ac
100RISK
open
Nucleihigh
NagiosXI <= 5.4.12 `commandline.php` SQL injection
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter.
30RISK
open
Nucleihigh
NagiosXI <= 5.4.12 - SQL injection
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/info.php key1 parameter.
30RISK
open
Nucleihigh
NagiosXI <= 5.4.12 logbook.php SQL injection
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSearch parameter.
30RISK
open
Nucleihigh
NagiosXI <= 5.4.12 menuaccess.php - SQL injection
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/menuaccess.php chbKey1 parameter.
30RISK
open
Nucleihigh
D-Link Routers - Local File Inclusion
Directory traversal vulnerability in the web interface on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L t
50RISK
open
Nucleihigh
D-Link Routers - Remote Command Injection
An issue was discovered on D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02
60RISK
open
Nucleicritical
Prestashop AttributeWizardPro Module - Arbitrary File Upload
modules/attributewizardpro/file_upload.php in the Attribute Wizard addon 1.6.9 for PrestaShop 1.4.0.1 through 1.6.1.18 a
23RISK
open
Nucleihigh
IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion
IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.
50RISK
open
Nucleimedium
Quest KACE SMA /common/run_cross_report.php 'fmt' XSS
The 'fmt' parameter of the '/common/run_cross_report.php' script in the the Quest KACE System Management Appliance 8.0.3
18RISK
open
Nucleicritical
Quest KACE System Management Appliance 8.0.318 - Remote Code Execution
CVE-2018-11138CRITICALunder attackransomware
The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by
100RISK
open
Nucleihigh
Pandora FMS <=7.0NG.722 - Remote Code Execution
Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /p
18RISK
open
Nucleimedium
Monstra CMS <=3.0.4 - Cross-Site Scripting
Monstra CMS 3.0.4 and earlier has XSS via index.php.
18RISK
open
Nucleihigh
Opencart Divido - Sql Injection
In the Divido plugin for OpenCart, there is SQL injection. Attackers can use SQL injection to get some confidential info
18RISK
open
Nucleimedium
Splunk <=7.0.1 - Information Disclosure
Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json
60RISK
open
Nucleimedium
Monstra CMS 3.0.4 - Cross-Site Scripting
Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration).
18RISK
open
Nucleicritical
ASUSTOR ADM 3.1.0.RFQ3 - SQL Injection
The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability
43RISK
open
Nucleicritical
FlexPaper/FlowPaper 2.3.6 - Remote Code Execution
The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_c
50RISK
open
Nucleimedium
WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting
wpforo_get_request_uri in wpf-includes/functions.php in the wpForo Forum plugin before 1.4.12 for WordPress allows Unaut
18RISK
open
Nucleihigh
Apache Tomcat JK Connect <=1.2.44 - Manager Access
The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map
40RISK
open
Nucleihigh
Apache Struts2 S2-057 - Remote Code Execution
CVE-2018-11776HIGHunder attack
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullN
100RISK
open
Nucleimedium
Apache Tomcat - Open Redirect
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a r
60RISK
open
Nucleicritical
Eaton Intelligent Power Manager 1.6 - Directory Traversal
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrad
43RISK
open
Nucleihigh
Schools Alert Management Script - Arbitrary File Read
Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absol
50RISK
open
Nucleicritical
Dell iDRAC7/8 Devices - Remote Code Injection
Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute
60RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.