Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
4,188 exploits
Nucleicritical
Sonatype Nexus Repository Manager <3.15.0 - Remote Code Execution
Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.
100RISK
open ↗Nucleihigh
eMerge E3 1.00-06 - Local File Inclusion
Linear eMerge E3-Series devices allow File Inclusion.
60RISK
open ↗Nucleimedium
Linear eMerge E3 - Cross-Site Scripting
Linear eMerge E3-Series devices allow XSS.
50RISK
open ↗Nucleicritical
eMerge E3 1.00-06 - Remote Code Execution
Linear eMerge E3-Series devices allow Command Injections.
100RISK
open ↗Nucleimedium
Optergy Proton/Enterprise Building Management System - Open Redirect
Optergy Proton/Enterprise devices allow Open Redirect.
18RISK
open ↗Nucleicritical
Optergy Proton/Enterprise - Unauthenticated RCE via Backdoor Console
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console.
60RISK
open ↗Nucleihigh
Genie Access WIP3BVAF IP Camera - Local File Inclusion
Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices through 3.x are vulnerable to directory traversal
23RISK
open ↗Nucleihigh
SonicWall SRA 4600 VPN - SQL Injection
Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vu
88RISK
open ↗Nucleimedium
KindEditor 4.1.11 - Cross-Site Scripting
In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability.
18RISK
open ↗Nucleicritical
Kibana Timelion - Arbitrary Code Execution
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker
100RISK
open ↗Nucleihigh
Adobe Experience Manager - XML External Entity Injection
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful e
23RISK
open ↗Nucleimedium
qdPM 9.1 - Cross-site Scripting
qdPM 9.1 suffers from Cross-site Scripting (XSS) in the search[keywords] parameter.
38RISK
open ↗Nucleihigh
Jira - Local File Inclusion
The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4,
30RISK
open ↗Nucleimedium
Jira Improper Authorization
The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via
23RISK
open ↗Nucleimedium
Jira <8.4.0 - Information Disclosure
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate username
60RISK
open ↗Nucleimedium
Jira <8.4.0 - Server-Side Request Forgery
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the con
60RISK
open ↗Nucleihigh
Totaljs <3.2.3 - Local File Inclusion
index.js in Total.js Platform before 3.2.3 allows path traversal.
40RISK
open ↗Nucleimedium
HotelDruid 2.3.0 - Cross-Site Scripting
HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabel
43RISK
open ↗Nucleimedium
WordPress Core 5.0.0 - Crop-image Shell Upload
WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can
60RISK
open ↗Nucleicritical
Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery
com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&
43RISK
open ↗Nucleihigh
ZZZCMS 1.6.1 - Remote Code Execution
An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the parserIfLabel() function's filter
50RISK
open ↗Nucleihigh
ThinkPHP < 3.2.4 - Remote Code Execution
ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public/
100RISK
open ↗Nucleicritical
elFinder <= 2.1.47 - Command Injection
elFinder before 2.1.48 has a command injection vulnerability in the PHP connector.
60RISK
open ↗Nucleicritical
WordPress GraceMedia Media Player 1.0 - Local File Inclusion
The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter.
50RISK
open ↗Nucleihigh
Zimbra Collaboration Suite - SSRF
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x b
100RISK
open ↗Nucleihigh
ESAFENET CDG - Arbitrary File Download
ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because t
30RISK
open ↗Nucleicritical
Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XX
100RISK
open ↗Nucleihigh
Homematic CCU3 - Local File Inclusion
Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read
23RISK
open ↗Nucleicritical
JFrog Artifactory 6.7.3 - Admin Login Bypass
An issue was discovered in JFrog Artifactory 6.7.3. By default, the access-admin account is used to reset the password o
30RISK
open ↗Nucleihigh
LabKey Server 19.1.0 - XML External Entity (XXE)
An issue was discovered in LabKey Server 19.1.0. Sending an SVG containing an XXE payload to the endpoint visualization-
30RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.