Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
22,469 exploits
Exploit-DB
IBM TM1 / Planning Analytics - Unauthenticated Remote Code Execution (Metasploit)
CVE-2019-4716CRITICALunder attack31 Mar 2020
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated use
100RISK
open
Exploit-DB
DLINK DWL-2600 - Authenticated Remote Command Injection (Metasploit)
CVE-2019-2049931 Mar 2020
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Config
60RISK
open
Exploit-DB
Grandstream UCM6200 Series CTI Interface - 'user_password' SQL Injection
CVE-2020-572631 Mar 2020
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A rem
23RISK
open
Exploit-DB
SharePoint Workflows - XOML Injection (Metasploit)
CVE-2020-0646CRITICALunder attack31 Mar 2020
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.N
100RISK
open
Exploit-DB
Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Local Privilege Escalation
CVE-2020-0796CRITICALunder attackransomware30 Mar 2020
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol h
100RISK
open
Exploit-DB
Multiple DrayTek Products - Pre-authentication Remote Root Code Execution
CVE-2020-8515CRITICALunder attack30 Mar 2020
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow
100RISK
open
Exploit-DB
TP-Link Archer C50 3 - Denial of Service (PoC)
CVE-2020-937526 Mar 2020
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a
28RISK
open
Exploit-DB
LeptonCMS 4.5.0 - Persistent Cross-Site Scripting
CVE-2020-1270725 Mar 2020
An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0. This can be exploited because the only secur
23RISK
open
Exploit-DB
WordPress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting
CVE-2020-1038524 Mar 2020
A stored cross-site scripting (XSS) vulnerability exists in the WPForms Contact Form (aka wpforms-lite) plugin before 1.
23RISK
open
Exploit-DB
UCM6202 1.0.18.13 - Remote Command Injection
CVE-2020-5722CRITICALunder attack24 Mar 2020
The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafte
100RISK
open
Exploit-DB
UliCMS 2020.1 - Persistent Cross-Site Scripting
CVE-2020-1270424 Mar 2020
UliCMS before 2020.2 has PageController stored XSS.
23RISK
open
Exploit-DB
VMware Fusion 11.5.2 - Privilege Escalation
CVE-2020-3950HIGHunder attack20 Mar 2020
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for
86RISK
open
Exploit-DB
Broadcom Wi-Fi Devices - 'KR00K Information Disclosure
CVE-2019-1512618 Mar 2020
An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal
23RISK
open
Exploit-DB
ManageEngine Desktop Central - Java Deserialization (Metasploit)
CVE-2020-10189CRITICALunder attack17 Mar 2020
Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted d
100RISK
open
Exploit-DB
Rconfig 3.x - Chained Remote Code Execution (Metasploit)
CVE-2019-1950917 Mar 2020
An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a
60RISK
open
Exploit-DB
Rconfig 3.x - Chained Remote Code Execution (Metasploit)
CVE-2020-1022017 Mar 2020
An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php
60RISK
open
Exploit-DB
Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Buffer Overflow (PoC)
CVE-2020-0796CRITICALunder attackransomware14 Mar 2020
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol h
100RISK
open
Exploit-DB
WordPress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection
CVE-2020-937112 Mar 2020
Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabc_appointments.php
23RISK
open
Exploit-DB
rConfig 3.9 - 'searchColumn' SQL Injection
CVE-2020-1022012 Mar 2020
An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php
60RISK
open
Exploit-DB
rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution
CVE-2020-10221HIGHunder attack12 Mar 2020
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands vi
83RISK
open
Exploit-DB
WordPress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection
CVE-2020-937212 Mar 2020
The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields such as Description or
23RISK
open
Exploit-DB
Horde Groupware Webmail Edition 5.2.22 - PHAR Loading
CVE-2020-8866MEDIUM11 Mar 2020
This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmai
33RISK
open
Exploit-DB
Horde Groupware Webmail Edition 5.2.22 - PHP File Inclusion
CVE-2020-8865MEDIUM11 Mar 2020
This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webma
33RISK
open
Exploit-DB
Horde Groupware Webmail Edition 5.2.22 - PHAR Loading
CVE-2020-8865MEDIUM11 Mar 2020
This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webma
33RISK
open
Exploit-DB
Horde Groupware Webmail Edition 5.2.22 - PHP File Inclusion
CVE-2020-8866MEDIUM11 Mar 2020
This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmai
33RISK
open
Exploit-DB
Joomla! 3.9.0 < 3.9.7 - CSV Injection
CVE-2019-1276511 Mar 2020
An issue was discovered in Joomla! before 3.9.7. The CSV export of com_actionslogs is vulnerable to CSV injection.
28RISK
open
Exploit-DB
Nagios XI - Authenticated Remote Command Execution (Metasploit)
CVE-2019-15949HIGHunder attack10 Mar 2020
Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios
100RISK
open
Exploit-DB
Horde Groupware Webmail Edition 5.2.22 - Remote Code Execution
CVE-2020-851810 Mar 2020
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execu
60RISK
open
Exploit-DB
OpenSMTPD - OOB Read Local Privilege Escalation (Metasploit)
CVE-2020-879409 Mar 2020
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for mult
60RISK
open
Exploit-DB
Apache ActiveMQ 5.x-5.11.1 - Directory Traversal Shell Upload (Metasploit)
CVE-2015-183009 Mar 2020
Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5
60RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.