Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
22,469 exploits
Exploit-DB
Apache Tomcat - AJP 'Ghostcat' File Read/Inclusion (Metasploit)
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomc
100RISK
open ↗Exploit-DB
OpenCart Theme Journal 3.1.0 - Sensitive Data Exposure
The Journal theme before 3.1.0 for OpenCart allows exposure of sensitive data via SQL errors.
23RISK
open ↗Exploit-DB
October CMS Build 465 - Arbitrary File Read Exploit (Authenticated)
Local File read vulnerability in OctoberCMS
33RISK
open ↗Exploit-DB
ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting
The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a r
43RISK
open ↗Exploit-DB
Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF
A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally
23RISK
open ↗Exploit-DB
Joplin 1.2.6 - 'link' Cross Site Scripting
Joplin 1.2.6 for Desktop allows XSS via a LINK element in a note.
23RISK
open ↗Exploit-DB
SuiteCRM 7.11.15 - 'last_name' Remote Code Execution (Authenticated)
SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain
50RISK
open ↗Exploit-DB
TP-Link WDR4300 - Remote Code Execution (Authenticated)
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated
35RISK
open ↗Exploit-DB
Amarok 2.8.0 - Denial-of-Service
A remote user can create a specially crafted M3U file, media playlist file that when loaded by the target user, will tri
23RISK
open ↗Exploit-DB
DedeCMS v.5.8 - _keyword_ Cross-Site Scripting
A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeCMS v.5.8 that allows malicious users to
23RISK
open ↗Exploit-DB
Blueman < 2.1.4 - Local Privilege Escalation
Local privilege escalation Blueman
41RISK
open ↗Exploit-DB
Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 - 'getPreviewImage' Directory Traversal/Local File Inclusion
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Ins
100RISK
open ↗Exploit-DB
Nagios XI 5.7.3 - 'mibs.php' Remote Command Injection (Authenticated)
Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admi
60RISK
open ↗Exploit-DB
Sentrifugo 3.2 - File Upload Restriction Bypass (Authenticated)
Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arb
35RISK
open ↗Exploit-DB
CMS Made Simple 2.1.6 - 'cntnt01detailtemplate' Server-Side Template Injection
In CMS Made Simple 2.1.6, there is Server-Side Template Injection via the cntnt01detailtemplate parameter.
23RISK
open ↗Exploit-DB
Bludit 3.9.2 - Auth Bruteforce Bypass
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many
40RISK
open ↗Exploit-DB
Jenkins 2.63 - Sandbox bypass in pipeline: Groovy plug-in
A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/
100RISK
open ↗Exploit-DB
HiSilicon Video Encoders - RCE via unauthenticated command injection
An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpo
35RISK
open ↗Exploit-DB
HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware
An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpo
35RISK
open ↗Exploit-DB
Hostel Management System 2.1 - Cross Site Scripting (Multiple Fields)
PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, o
23RISK
open ↗Exploit-DB
HiSilicon Video Encoders - Unauthenticated file disclosure via path traversal
An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can send crafted unauthentic
28RISK
open ↗Exploit-DB
HiSilicon Video Encoders - Unauthenticated RTSP buffer overflow (DoS)
An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a
35RISK
open ↗Exploit-DB
HiSilicon Video Encoders - Full admin access via backdoor password
An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use har
28RISK
open ↗Exploit-DB
Typesetter CMS 5.1 - Arbitrary Code Execution (Authenticated)
Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archi
28RISK
open ↗Exploit-DB
Seat Reservation System 1.0 - Unauthenticated SQL Injection
An issue was discovered in SourceCodester Seat Reservation System 1.0. The file admin_class.php does not perform input v
28RISK
open ↗Exploit-DB
Cisco ASA and FTD 9.6.4.42 - Path Traversal
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability
100RISK
open ↗Exploit-DB
Kentico CMS 9.0-12.0.49 - Persistent Cross Site Scripting
Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, lea
23RISK
open ↗Exploit-DB
D-Link DSR-250N 3.12 - Denial of Service (PoC)
An issue was discovered on D-Link DSR-250N before 3.17B devices. The CGI script upgradeStatusReboot.cgi can be accessed
28RISK
open ↗Exploit-DB
SpamTitan 7.07 - Unauthenticated Remote Code Execution
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp
60RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.