Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
22,467 exploits
Exploit-DB
DLINK DAP-1620 A1 v1.01 - Directory Traversal
Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd]
50RISK
open ↗Exploit-DB
TLR-2005KSH - Arbitrary File Upload
TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can uploa
50RISK
open ↗Exploit-DB
Akka HTTP 10.1.14 - Denial of Service
Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, whic
35RISK
open ↗Exploit-DB
WebTareas 2.4 - Blind SQLi (Authenticated)
An SQL Injection vulnerability exists in Webtareas 2.4p3 and earlier via the $uq HTTP POST parameter in editapprovalstag
23RISK
open ↗Exploit-DB
Apache CouchDB 3.2.1 - Remote Code Execution (RCE)
Remote Code Execution Vulnerability in Packaging
100RISK
open ↗Exploit-DB
Google Chrome 78.0.3904.70 - Remote Code Execution
Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap
93RISK
open ↗Exploit-DB
Ruijie Reyee Mesh Router - Remote Code Execution (RCE) (Authenticated)
A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.191
35RISK
open ↗Exploit-DB
DLINK DIR850 - Open Redirect
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrust
43RISK
open ↗Exploit-DB
MyBB 1.8.29 - MyBB 1.8.29 - Remote Code Execution (RCE) (Authenticated)
Remote code execution in mybb
78RISK
open ↗Exploit-DB
Wondershare Dr.Fone 12.0.7 - Privilege Escalation (ElevationService)
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send m
28RISK
open ↗Exploit-DB
ManageEngine ADSelfService Plus Build 6118 - NTLMv2 Hash Exposure
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131
23RISK
open ↗Exploit-DB
DLINK DIR850 - Insecure Access Control
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote
35RISK
open ↗Exploit-DB
ExifTool 12.23 - Arbitrary Code Execution
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code exec
100RISK
open ↗Exploit-DB
Wondershare Dr.Fone 12.0.7 - Remote Code Execution (RCE)
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an
28RISK
open ↗Exploit-DB
PHProjekt PhpSimplyGest v1.3. - Stored Cross-Site Scripting (XSS)
A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrar
23RISK
open ↗Exploit-DB
WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery (CSRF)
Blue Admin <= 21.06.01 - CSRF to Stored Cross-Site Scripting (XSS)
23RISK
open ↗Exploit-DB
Explore CMS 1.0 - SQL Injection
Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request.
23RISK
open ↗Exploit-DB
Gitlab 14.9 - Authentication Bypass
A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE
85RISK
open ↗Exploit-DB
GitLab 14.9 - Stored Cross-Site Scripting (XSS)
Improper neutralization of user input in GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 befor
63RISK
open ↗Exploit-DB
WordPress Plugin Popup Maker 1.16.5 - Stored Cross-Site Scripting (Authenticated)
Popup Maker < 1.16.5 - Admin+ Stored Cross-Site Scripting
35RISK
open ↗Exploit-DB
Easy Appointments 1.4.2 - Information Disclosure
Exposure of Private Personal Information to an Unauthorized Actor in alextselegidis/easyappointments
75RISK
open ↗Exploit-DB
PKP Open Journals System 3.3 - Cross-Site Scripting (XSS)
Cross-site scripting (XSS) via Host Header injection in PKP Open Journals System 2.4.8 >= 3.3 allows remote attackers to
38RISK
open ↗Exploit-DB
REDCap 11.3.9 - Stored Cross Site Scripting
A stored Cross-Site Scripting (XSS) vulnerability in the Missing Data Codes functionality of REDCap before 11.4.0 allows
23RISK
open ↗Exploit-DB
Zyxel NWA-1100-NH - Command Injection
A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could allow an attacker to exec
70RISK
open ↗Exploit-DB
Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion (LFI)
Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privilege
50RISK
open ↗Exploit-DB
SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference (IDOR)
Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups acce
33RISK
open ↗Exploit-DB
Telesquare TLR-2855KS6 - Arbitrary File Creation
An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts.
43RISK
open ↗Exploit-DB
Telesquare TLR-2855KS6 - Arbitrary File Deletion
An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system fil
60RISK
open ↗Exploit-DB
Kramer VIAware - Remote Code Execution (RCE) (Root)
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits runn
60RISK
open ↗Exploit-DB
Sherpa Connector Service v2020.2.20328.2050 - Unquoted Service Path
There is an unquoted service path in Sherpa Connector Service (SherpaConnectorService.exe) 2020.2.20328.2050. This might
23RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.