Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,002cataloged exploits
31,582CVEs with public exploitation
AllExploit-DB 22,467Referência 19,780GitHub PoC 13,048VulnCheck XDB 8,060Nuclei 4,185Metasploit 3,462recentpopularrisk
4,185 exploits
Nucleimedium
Joomla! Component RWCards 3.0.11 - Local File Inclusion
Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!
43RISK
open ↗Nucleimedium
Joomla! ProDesk 1.0/1.2 - Local File Inclusion
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows
43RISK
open ↗Nucleimedium
Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1
18RISK
open ↗Nucleimedium
nweb2fax <=0.2.7 - Local File Inclusion
Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary file
43RISK
open ↗Nucleimedium
Devalcms 1.4a - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a allows remote attackers to inject arbitrary web s
38RISK
open ↗Nucleimedium
UC Gateway Investment SiteEngine v5.0 - Open Redirect
Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbi
38RISK
open ↗Nucleimedium
Autonomy Ultraseek - Open Redirect
Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers
43RISK
open ↗Nucleicritical
ZeroShell <= 1.0beta11 Remote Code Execution
cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote attackers to execute arbitrary commands via shell meta
60RISK
open ↗Nucleimedium
Horde/Horde Groupware - Local File Inclusion
Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware befor
50RISK
open ↗Nucleihigh
PhpMyAdmin Scripts - Remote Code Execution
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remo
100RISK
open ↗Nucleimedium
Joomla! Cmimarketplace 0.1 - Local File Inclusion
Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote at
38RISK
open ↗Nucleihigh
Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion
Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00
43RISK
open ↗Nucleimedium
Adobe Coldfusion <=8.0.1 - Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attack
43RISK
open ↗Nucleihigh
Joomla! MooFAQ 1.0 - Local File Inclusion
Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Jooml
38RISK
open ↗Nucleimedium
Joomla! JoomlaPraise Projectfork 2.0.10 - Local File Inclusion
Directory traversal vulnerability in the JoomlaPraise Projectfork (com_projectfork) component 2.0.10 for Joomla! allows
38RISK
open ↗Nucleimedium
Joomla! Agora 3.0.0b - Local File Inclusion
Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to inclu
38RISK
open ↗Nucleihigh
Joomla! Roland Breedveld Album 1.14 - Local File Inclusion
Directory traversal vulnerability in the Roland Breedveld Album (com_album) component 1.14 for Joomla! allows remote att
38RISK
open ↗Nucleihigh
Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion
Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows
38RISK
open ↗Nucleihigh
KR-Web <=1.1b2 - Remote File Inclusion
PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web 1.1b2 and earlier allows remote attackers to execut
50RISK
open ↗Nucleihigh
Joomla! Portfolio Nexus - Remote File Inclusion
Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows
38RISK
open ↗Nucleimedium
AWStats < 6.95 - Open Redirect
Open redirect vulnerability in awredir.pl in AWStats before 6.95 allows remote attackers to redirect users to arbitrary
18RISK
open ↗Nucleimedium
WebGlimpse 2.18.7 - Directory Traversal
Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbit
43RISK
open ↗Nucleihigh
Joomla! Component com_biblestudy - Local File Inclusion
Directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers
43RISK
open ↗Nucleicritical
Apache Axis2 Default Login
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products
60RISK
open ↗Nucleimedium
Joomla! Component CCNewsLetter - Local File Inclusion
Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attac
50RISK
open ↗Nucleimedium
Joomla! Component Jw_allVideos - Arbitrary File Retrieval
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 throug
43RISK
open ↗Nucleihigh
Joomla! Plugin Core Design Scriptegrator - Local File Inclusion
Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Desi
43RISK
open ↗Nucleimedium
Joomla! Component com_jvideodirect - Directory Traversal
Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers t
38RISK
open ↗Nucleimedium
Joomla! Component com_jashowcase - Directory Traversal
Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to r
43RISK
open ↗Nucleimedium
Joomla! Component com_jcollection - Directory Traversal
Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to
43RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.