Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
22,467 exploits
Exploit-DB
YOURLS 1.8.2 - Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) in yourls/yourls
28RISK
open ↗Exploit-DB
Piwigo 13.6.0 - SQL Injection
Piwigo 13.6.0 is vulnerable to SQL Injection via in the "profile" function.
48RISK
open ↗Exploit-DB
phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS)
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\import-export\import-load-data.php.
33RISK
open ↗Exploit-DB
phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS)
Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq
56RISK
open ↗Exploit-DB
Flowise 3.0.4 - Remote Code Execution (RCE)
Flowise has Remote Code Execution vulnerability
85RISK
open ↗Exploit-DB
Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-passwo
23RISK
open ↗Exploit-DB
Mbed TLS 3.6.4 - Use-After-Free
Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance wit
41RISK
open ↗Exploit-DB
HTMLDOC 1.9.13 - Stack Buffer Overflow
A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim co
23RISK
open ↗Exploit-DB
dotCMS 25.07.02-1 - Authenticated Blind SQL Injection
dotCMS versions 24.03.22 and after, identified a Boolean-based blind SQLi vulnerability in the /api/v1/contenttype endpo
48RISK
open ↗Exploit-DB
HTTP/2 2.0 - Denial Of Service (DOS)
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many
93RISK
open ↗Exploit-DB
XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISK
open ↗Exploit-DB
Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF)
Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-passwo
23RISK
open ↗Exploit-DB
Tourism Management System 2.0 - Arbitrary Shell Upload
A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and execute arbitrary PHP she
41RISK
open ↗Exploit-DB
ClipBucket 5.5.0 - Arbitrary File Upload
An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in
41RISK
open ↗Exploit-DB
GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure
GeoVision ASManager Windows desktop application with the version 6.1.2.0 or less (fixed in 6.2.0), is vulnerable to cred
33RISK
open ↗Exploit-DB
GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution (RCE)
GeoVision GV-ASWeb with the version 6.1.2.0 or less (fixed in 6.2.0), contains a Remote Code Execution (RCE) vulnerabili
46RISK
open ↗Exploit-DB
Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass
Authentication Bypass
100RISK
open ↗Exploit-DB
Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure
Birth Chart Compatibility <= 2.0 - Unauthenticated Full Path Exposure
33RISK
open ↗Exploit-DB
StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload
StoryChief <= 1.0.42 - Unauthenticated Arbitrary File Upload
75RISK
open ↗Exploit-DB
PHPMyAdmin 3.0 - Bruteforce Login Bypass
libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allo
23RISK
open ↗Exploit-DB
BigAnt Office Messenger 5.6.06 - SQL Injection
BigAnt Office Messenger 5.6.06 is vulnerable to SQL Injection via the 'dev_code' parameter.
33RISK
open ↗Exploit-DB
Microsoft Windows 10.0.19045 - NTLMv2 Hash Disclosure
Microsoft Windows File Explorer Spoofing Vulnerability
38RISK
open ↗Exploit-DB
Tenda AC20 16.03.08.12 - Command Injection
Tenda AC20 Telnet Service telnet websFormDefine command injection
38RISK
open ↗Exploit-DB
Lantronix Provisioning Manager 7.10.3 - XML External Entity Injection (XXE)
Lantronix Provisioning Manager Improper Restriction of XML External Entity Reference
41RISK
open ↗Exploit-DB
RiteCMS 3.0.0 - Reflected Cross Site Scripting (XSS)
RiteCMS v3.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component main_menu/edit_sec
48RISK
open ↗Exploit-DB
Microsoft Edge Renderer Process (Mojo IPC) 134.0.6998.177 - Sandbox Escape
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allow
71RISK
open ↗Exploit-DB
JetBrains TeamCity 2023.11.4 - Authentication Bypass
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
100RISK
open ↗Exploit-DB
Ghost CMS 5.59.1 - Arbitrary File Read
Arbitrary file read via symlinks in Ghost
45RISK
open ↗Exploit-DB
Ghost CMS 5.42.1 - Path Traversal
Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2
68RISK
open ↗Exploit-DB
Tigo Energy Cloud Connect Advanced (CCA) 4.0.1 - Command Injection
Improper Neutralization of Special Elements used in a Command ('Command Injection') in Tigo Energy Cloud Connect Advanced
46RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.