Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
4,188 exploits
Nucleicritical
Nette Framework - Remote Code Execution
Remote Code Execution vulnerability
68RISK
open ↗Nucleicritical
DrayTek Vigor - Command Injection
On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote
95RISK
open ↗Nucleimedium
TileServer GL <=3.0.0 - Cross-Site Scripting
An issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected u
43RISK
open ↗Nucleicritical
MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution
A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1,
100RISK
open ↗Nucleicritical
TerraMaster TOS <.1.29 - Remote Code Execution
TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic cla
43RISK
open ↗Nucleimedium
RosarioSIS 6.7.2 - Cross-Site Scripting
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the PrintSchedules.php sc
38RISK
open ↗Nucleihigh
Gogs 0.5.5 - 0.12.2 - Remote Code Execution
The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution. There can be a privile
40RISK
open ↗Nucleimedium
D-Link DIR-816L 2.x - Cross-Site Scripting
An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no outp
18RISK
open ↗Nucleicritical
Tiki Wiki CMS GroupWare - Authentication Bypass
tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts.
23RISK
open ↗Nucleicritical
Mida eFramework <=2.9.0 - Remote Command Execution
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Executi
60RISK
open ↗Nucleihigh
Cisco Unified IP Conference Station 7937G - Denial-of-Service
A denial-of-service in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers restart the de
40RISK
open ↗Nucleimedium
Prometheus Blackbox Exporter - Server-Side Request Forgery (SSRF)
Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this mi
18RISK
open ↗Nucleicritical
SaltStack <=3002 - Shell Injection
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH clien
100RISK
open ↗Nucleihigh
Microsoft SharePoint - Remote Code Execution
Microsoft SharePoint Remote Code Execution Vulnerability
58RISK
open ↗Nucleimedium
Nova Lite < 1.3.9 - Cross-Site Scripting
search.php in the Nova Lite theme before 1.3.9 for WordPress allows Reflected XSS.
18RISK
open ↗Nucleimedium
WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting
WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.
43RISK
open ↗Nucleicritical
SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution
SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi pa
60RISK
open ↗Nucleicritical
Fuel CMS 1.4.7 - SQL Injection
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.
100RISK
open ↗Nucleicritical
vBulletin 5.5.4 - 5.6.2- Remote Command Execution
vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbe
100RISK
open ↗Nucleihigh
Artica Web Proxy 4.30 - OS Command Injection
Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter i
40RISK
open ↗Nucleicritical
Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection
Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator p
60RISK
open ↗Nucleihigh
Apache Flink 1.5.1 - Local File Inclusion
Apache Flink directory traversal attack: remote file writing through the REST API
50RISK
open ↗Nucleihigh
Apache Flink - Local File Inclusion
Apache Flink directory traversal attack: reading remote files through the REST API
100RISK
open ↗Nucleihigh
Apache Airflow <1.10.14 - Authentication Bypass
Incorrect Session Validation in Apache Airflow Webserver versions prior to 1.10.14 with default config allows a maliciou
23RISK
open ↗Nucleicritical
Apache Struts 2.0.0-2.5.25 - Remote Code Execution
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected
100RISK
open ↗Nucleimedium
Z-Blog <=1.5.2 - Open Redirect
Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect"
18RISK
open ↗Nucleimedium
Jeesns 1.4.2 - Cross-Site Scripting
A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts o
18RISK
open ↗Nucleimedium
Jeesns 1.4.2 - Cross-Site Scripting
A reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to ex
18RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.