Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,053cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,060Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
22,467 exploits
Exploit-DB
xibocms 3.3.4 - RCE
Xibo CMS vulnerable to Remote Code Execution through Zip Slip
41RISK
open ↗Exploit-DB
Windows Kernel - Elevation of Privilege
Windows Kernel Elevation of Privilege Vulnerability
71RISK
open ↗Exploit-DB
Fortinet FortiWeb v8.0.1 - Auth Bypass
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb
100RISK
open ↗Exploit-DB
Desktop Window Manager Core Library 10.0.10240.0 - Privilege Escalation
Microsoft DWM Core Library Elevation of Privilege Vulnerability
41RISK
open ↗Exploit-DB
Boss Mini v1.4.0 - Local File Inclusion (LFI)
Boss Mini document file inclusion
78RISK
open ↗Exploit-DB
mailcow 2025-01a - Host Header Password Reset Poisoning
mailcow: dockerized vulnerable to password reset poisoning
41RISK
open ↗Exploit-DB
WordPress Backup Migration 1.3.7 - Remote Command Execution
Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
85RISK
open ↗Exploit-DB
motionEye 0.43.1b4 - RCE
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name
61RISK
open ↗Exploit-DB
Docker Desktop 4.44.3 - Unauthenticated API Exposure
Docker Desktop allows unauthenticated access to Docker Engine API from containers
48RISK
open ↗Exploit-DB
OctoPrint 1.11.2 - File Upload
OctoPrint is Vulnerable to RCE Attacks via Unsanitized Filename in File Upload
46RISK
open ↗Exploit-DB
Siklu EtherHaul Series EH-8010 - Remote Command Execution
An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and p
48RISK
open ↗Exploit-DB
FreeBSD rtsold 15.x - Remote Code Execution via DNSSL
Remote code execution via ND6 Router Advertisements
56RISK
open ↗Exploit-DB
esm-dev 136 - Path Traversal
esm.sh writes arbitrary files via path traversal in `X-Zone-Id` header
48RISK
open ↗Exploit-DB
Pluck 4.7.7-dev2 - PHP Code Execution
An issue was discovered in Pluck before 4.7.7-dev2. /data/inc/images.php allows remote attackers to upload and execute a
23RISK
open ↗Exploit-DB
RosarioSIS 6.7.2 - Cross Site Scripting (XSS)
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Preferences.php scrip
23RISK
open ↗Exploit-DB
MaNGOSWebV4 4.0.6 - Reflected XSS
paintballrefjosh/MaNGOSWebV4 before 4.0.8 is vulnerable to a reflected XSS in install/index.php (step parameter).
38RISK
open ↗Exploit-DB
RosarioSIS 6.7.2 - Cross-Site Scripting (XSS)
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the PrintSchedules.php sc
38RISK
open ↗Exploit-DB
Django 5.1.13 - SQL Injection
Potential SQL injection via _connector keyword argument in QuerySet and Q objects
53RISK
open ↗Exploit-DB
phpIPAM 1.4 - SQL-Injection
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used.
23RISK
open ↗Exploit-DB
phpMyFaq 2.9.8 - Cross Site Request Forgery (CSRF)
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
23RISK
open ↗Exploit-DB
PluckCMS 4.7.10 - Unrestricted File Upload
File Upload vulnerability in PluckCMS v.4.7.10 allows a remote attacker to execute arbitrary code via the trashcan_resto
41RISK
open ↗Exploit-DB
OpenRepeater 2.1 - OS Command Injection
OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_sy
28RISK
open ↗Exploit-DB
openSIS Community Edition 8.0 - SQL Injection
An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php.
23RISK
open ↗Exploit-DB
MobileDetect 2.8.31 - Cross-Site Scripting (XSS)
MobileDetect Example session_example.php initLayoutType cross site scripting
28RISK
open ↗Exploit-DB
phpMyAdmin 5.0.0 - SQL Injection
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could
35RISK
open ↗Exploit-DB
phpMyFAQ 2.9.8 - Cross-Site Request Forgery (CSRF)
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
23RISK
open ↗Exploit-DB
phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF)
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
23RISK
open ↗Exploit-DB
phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS)
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\import-export\import-load-data.php.
33RISK
open ↗Exploit-DB
YOURLS 1.8.2 - Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) in yourls/yourls
28RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.