Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
4,188 exploits
Nucleihigh
PrestaShop Product Comments <4.2.0 - SQL Injection
Blind SQL injection during the CommentGrade process
33RISK
open ↗Nucleihigh
XStream <1.4.15 - Server-Side Request Forgery
Server-Side Forgery Request can be activated unmarshalling with XStream
50RISK
open ↗Nucleimedium
Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclo
40RISK
open ↗Nucleimedium
SAP Solution Manager - Open Redirect
SAP Solution Manager (Trace Analysis), version - 720, allows for misuse of a parameter in the application URL leading to
23RISK
open ↗Nucleihigh
WordPress WP Courses Plugin Information Disclosure
The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step (for cour
18RISK
open ↗Nucleicritical
Ruckus vRioT IoT Controller - Authentication Bypass
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacke
50RISK
open ↗Nucleicritical
NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution
NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level.
85RISK
open ↗Nucleicritical
phpMyAdmin < 5.0.3 - SQL Injection
An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerabili
30RISK
open ↗Nucleicritical
Emby < 4.5.0 - Server Server-Side Request Forgery
Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image ImageURL parameter.
40RISK
open ↗Nucleihigh
LionWiki <3.2.12 - Local File Inclusion
LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the ind
18RISK
open ↗Nucleicritical
JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics)
68RISK
open ↗Nucleihigh
Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure
An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within
18RISK
open ↗Nucleihigh
Processwire CMS <2.7.1 - Local File Inclusion
A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php.
23RISK
open ↗Nucleicritical
Good Layers LMS Plugin <= 2.1.4 - SQL Injection
An unauthenticated SQL Injection vulnerability in Good Layers LMS Plugin <= 2.1.4 exists due to the usage of "wp_ajax_no
23RISK
open ↗Nucleicritical
WordPress Loginizer < 1.6.4 – Unauthenticated SQL Injection via `log` Parameter
The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_fa
30RISK
open ↗Nucleimedium
Wing FTP 6.4.4 - Cross-Site Scripting
An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a craft
18RISK
open ↗Nucleimedium
KeyCloak - Information Exposure
A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information a
23RISK
open ↗Nucleihigh
NETGEAR - Authentication Bypass
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020
36RISK
open ↗Nucleimedium
IceWarp WebMail 11.4.5.0 - Cross-Site Scripting
IceWarp 11.4.5.0 allows XSS via the language parameter.
18RISK
open ↗Nucleihigh
SonarQube - Authentication Bypass
SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settin
41RISK
open ↗Nucleimedium
TerraMaster TOS < 4.2.06 - User Enumeration
User Enumeration vulnerability in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to identify valid us
23RISK
open ↗Nucleicritical
TerraMaster TOS - Unauthenticated Remote Command Execution
Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inje
40RISK
open ↗Nucleimedium
Rocket.Chat <3.9.1 - Information Disclosure
An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.
23RISK
open ↗Nucleimedium
Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting
The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a r
43RISK
open ↗Nucleicritical
ManageEngine OpManager SumPDU 12.1 - 12.5.232 - Java Deserialization
Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution v
60RISK
open ↗Nucleicritical
Monitorr 1.7.6m - Unauthenticated Remote Code Execution
Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the s
40RISK
open ↗Nucleimedium
WordPress Canto 1.3.0 - Blind Server-Side Request Forgery
The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make
43RISK
open ↗Nucleicritical
WP Hotel Booking < 1.10.4 - PHP Object Injection
The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an
23RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.