Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
22,469 exploits
Exploit-DB
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to b
78RISK
open ↗Exploit-DB
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file downloa
70RISK
open ↗Exploit-DB
pfSense 2.4.4-p3 - Cross-Site Request Forgery
diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executi
35RISK
open ↗Exploit-DB
INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution
An issue was discovered in INNEO Startup TOOLS 2017 M021 12.0.66.3784 through 2018 M040 13.0.70.3804. The sut_srv.exe we
28RISK
open ↗Exploit-DB
Bio Star 2.8.2 - Local File Inclusion
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary fi
50RISK
open ↗Exploit-DB
Rails 5.0.1 - Remote Code Execution
The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the
60RISK
open ↗Exploit-DB
Bludit 3.9.2 - Directory Traversal
Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .j
60RISK
open ↗Exploit-DB
Docsify.js 4.11.4 - Reflective Cross-Site Scripting
docsify prior to 4.11.4 is susceptible to Cross-site Scripting (XSS). Docsify.js uses fragment identifiers (parameters a
23RISK
open ↗Exploit-DB
WordPress Theme NexosReal Estate 1.7 - 'search_order' SQL Injection
The Nexos theme through 1.7 for WordPress allows side-map/?search_order= SQL Injection.
23RISK
open ↗Exploit-DB
WordPress Theme NexosReal Estate 1.7 - 'search_order' SQL Injection
The Nexos theme through 1.7 for WordPress allows top-map/?search_location= reflected XSS.
23RISK
open ↗Exploit-DB
CMSUno 1.6 - Cross-Site Request Forgery (Change Admin Password)
An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password.
23RISK
open ↗Exploit-DB
SuperMicro IPMI WebInterface 03.40 - Cross-Site Request Forgery (Add Admin)
The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to
23RISK
open ↗Exploit-DB
Zyxel Armor X1 WAP6806 - Directory Traversal
Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversal via the images/eaZy/ URI.
23RISK
open ↗Exploit-DB
BSA Radar 1.6.7234.24750 - Local File Inclusion
downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and e
23RISK
open ↗Exploit-DB
Trend Micro Web Security Virtual Appliance 6.5 SP2 Patch 4 Build 1901 - Remote Code Execution (Metasploit)
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitr
60RISK
open ↗Exploit-DB
Aruba ClearPass Policy Manager 6.7.0 - Unauthenticated Remote Command Execution
The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon succ
35RISK
open ↗Exploit-DB
CompleteFTP Professional 12.1.3 - Remote Code Execution
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file.
23RISK
open ↗Exploit-DB
BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password)
Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple functions. This can all
23RISK
open ↗Exploit-DB
SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin)
The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to
23RISK
open ↗Exploit-DB
Exhibitor Web UI 1.7.1 - Remote Code Execution
An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7
60RISK
open ↗Exploit-DB
Grafana 7.0.1 - Denial of Service (PoC)
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows
60RISK
open ↗Exploit-DB
RSA IG&L Aveksa 7.1.1 - Remote Code Execution
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 cont
33RISK
open ↗Exploit-DB
BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic
100RISK
open ↗Exploit-DB
BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution (PoC)
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic
100RISK
open ↗Exploit-DB
OCS Inventory NG 2.7 - Remote Code Execution
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php bec
28RISK
open ↗Exploit-DB
mySCADA myPRO 7 - Hardcoded Credentials
A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attack
28RISK
open ↗Exploit-DB
Lansweeper 7.2 - Incorrect Access Control
Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is configured for the admin accoun
28RISK
open ↗Exploit-DB
FileRun 2019.05.21 - Reflected Cross-Site Scripting
FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman§ion=do&page=up URI. This issue has been fixed
23RISK
open ↗Exploit-DB
WebPort 1.19.1 - 'setup' Reflected Cross-Site Scripting
Web Port 1.19.1 allows XSS via the /access/setup type parameter.
23RISK
open ↗Exploit-DB
WebPort 1.19.1 - Reflected Cross-Site Scripting
Web Port 1.19.1 allows XSS via the /log type parameter.
38RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.