Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
4,188 exploits
Nucleimedium
Rukovoditel <= 2.7.2 - Cross-Site Scripting
A stored cross site scripting (XSS) vulnerability in the 'Entities List' feature of Rukovoditel 2.7.2 allows authenticat
18RISK
open ↗Nucleicritical
CSE Bookstore 1.0 - SQL Injection
CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pub
23RISK
open ↗Nucleicritical
Ultimate Member < 2.1.12 - Unauthenticated Privilege Escalation via User Meta
An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalat
43RISK
open ↗Nucleimedium
Jira Server and Data Center - Information Disclosure
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Infor
50RISK
open ↗Nucleicritical
ThemeGrill Demo Importer < 1.6.2 - Database Reset
themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a reset_wizard
18RISK
open ↗Nucleimedium
Smartstore <4.1.0 - Open Redirect
Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonController.ClearCache, ClearDatabaseCache, RestartApplication,
18RISK
open ↗Nucleimedium
WordPress 15Zine <3.3.0 - Cross-Site Scripting
15Zine < 3.3.0 - Reflected Cross-Site Scripting
18RISK
open ↗Nucleicritical
Adning Advertising <= 1.5.5 - Arbitrary File Upload
Adning Advertising <= 1.5.5 - Arbitrary File Upload
43RISK
open ↗Nucleicritical
WordPress Epsilon Framework Themes <=2.4.8 - Remote Code Execution
Epsilon Framework Themes (Various Versions) - Function Injection
75RISK
open ↗Nucleicritical
ListingPro < 2.6.1 - Arbitrary Plugin Installation/Activation/Deactivation
ListingPro - WordPress Directory & Listing Theme < 2.6.1 - Arbitrary Plugin Installation, Activation and Deactivation
43RISK
open ↗Nucleihigh
ListingPro < 2.6.1 - Sensitive Data Disclosure
ListingPro - WordPress Directory & Listing Theme < 2.6.1 - Sensitive Information Disclosure
28RISK
open ↗Nucleimedium
WordPress Plugin Adning Advertising < 1.5.6 - Arbitrary File Upload
Adning Advertising <= 1.5.5 - Unauthenticated Arbitrary File Deletion via Path Traversal
28RISK
open ↗Nucleihigh
Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update
Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update
36RISK
open ↗Nucleihigh
WordPress WP Fastest Cache <= 0.9.0.2 - Authenticated Arbitrary File Deletion
WP Fastest Cache <= 0.9.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion
36RISK
open ↗Nucleimedium
BrightSign Digital Signage 8.2.26 - Server-Side Request Forgery
BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SSRF
28RISK
open ↗Nucleicritical
VMware vCenter Server LDAP Broken Access Control
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Servi
100RISK
open ↗Nucleicritical
IBM Data Risk Manager - Authentication Bypass via SAML
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security rest
95RISK
open ↗Nucleihigh
IBM Maximo Asset Management Information Disclosure - XML External Entity Injection
IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when proc
68RISK
open ↗Nucleimedium
PHPGurukul Hospital Management System - Cross-Site Scripting
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities.
38RISK
open ↗Nucleihigh
Hospital Management System 4.0 - SQL Injection
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages an
43RISK
open ↗Nucleimedium
Next.js <9.3.2 - Local File Inclusion
Directory Traversal in Next.js versions below 9.3.2
40RISK
open ↗Nucleicritical
PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username paramet
23RISK
open ↗Nucleimedium
Spring Cloud Config - Local File Inclusion
Directory Traversal with spring-cloud-config-server
30RISK
open ↗Nucleihigh
Spring Cloud Config Server - Local File Inclusion
Directory Traversal with spring-cloud-config-server
100RISK
open ↗Nucleimedium
Spring Cloud Netflix - Server-Side Request Forgery
Hystrix Dashboard Proxy In spring-cloud-netflix-hystrix-dashboard
23RISK
open ↗Nucleicritical
Grandstream UCM6200 - SQL Injection
The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafte
100RISK
open ↗Nucleihigh
SRS Simple Hits Counter 1.0.3-1.0.4 - Unauthenticated Blind SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in SRS Simple Hits Counter Plugin f
18RISK
open ↗Nucleimedium
Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery
Server-Side Request Forgery in Canvas LMS 2020-07-29 allows a remote, unauthenticated attacker to cause the Canvas appli
18RISK
open ↗Nucleihigh
MAGMI - Cross-Site Request Forgery
Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is poss
23RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.