Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
13,140 exploits
GitHub PoC
Investigating CVE-2022-36804
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 bef
100RISK
open ↗GitHub PoC
rocket-panda/CVE-2025-9074
Docker Desktop allows unauthenticated access to Docker Engine API from containers
48RISK
open ↗GitHub PoC
CVE-2018-7422
A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to re
50RISK
open ↗GitHub PoC
Research-driven UPnP vulnerability scanner focusing on libupnp 1.6.19 and CVE-2012-5958.
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
60RISK
open ↗GitHub PoC★ 1
Demonstrate exploitation of Signal K Server CVE-2025-66398 allowing unauthenticated attackers to inject backdoor and enable remote code execution.
Signal K Server has Unauthenticated State Pollution leading to Remote Code Execution (RCE)
53RISK
open ↗GitHub PoC
This room is based on exploiting the notorious Log4j vulnerability ( CVE-2021-44228), also referred to as the Log4Shell. The weakness enables attackers to execute a remote code via injection of the malicious payloads into the log messages.
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗GitHub PoC★ 2
This repository presents a comprehensive walkthrough of the Solar Exploiting Log4j room on TryHackMe, with a focus on understanding and exploiting the critical Log4Shell vulnerability (CVE-2021-44228).The process of triggering the exploit and gaining a reverse shell is explained in a practical and easy-to-follow manner.
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗GitHub PoC
This repository provides a detailed walkthrough of the *Solar Exploiting Log4j room* on TryHackMe, focusing on exploiting the critical Log4Shell vulnerability (CVE-2021-44228). The project demonstrates how attackers can leverage insecure logging mechanisms in Java applications to achieve remote code execution.
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗GitHub PoC
폰트 인덱스 처리에서 발생하는 signed overflow 취약점
Microsoft Word Remote Code Execution Vulnerability
70RISK
open ↗GitHub PoC
Lỗ hổng CVE-2025-64446 & CVE-2025-58034
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb
100RISK
open ↗GitHub PoC
Demonstration of the Heartbleed CVE (CVE-2014-0160), including lab setup instructions and source code to build your own Heartbleed lab for educational purposes
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packe
100RISK
open ↗GitHub PoC
A detailed penetration testing walkthrough and exploitation report for the 'Portal' machine, focusing on CVE-2011-2523 (vsFTPd 2.3.4 Backdoor) to achieve root access.
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open ↗GitHub PoC
SALMA-ESSAOUD/CVE-CVSS--CVE-2024-38063-IPv6-TCP-IP-Remote-Code-Execution-Analysis
Windows TCP/IP Remote Code Execution Vulnerability
70RISK
open ↗GitHub PoC
danilo1992-sys/CVE-2021-29447
WordPress Authenticated XXE attack when installation is running PHP 8
63RISK
open ↗GitHub PoC
Langflow at pre-CVE-2025-3248 fix commit for variant analysis benchmarking
Langflow < 1.3.0 Unauthenticated RCE via /api/v1/validate/code
100RISK
open ↗GitHub PoC
CVE-2025-6934 Exploit Tool Unauthenticated Administrator Account Creation in WordPress Plugin Opal Estate Pro
Opal Estate Pro <= 1.7.5 - Unauthenticated Privilege Escalation via 'on_regiser_user'
68RISK
open ↗GitHub PoC
POC for CVE-2021-3156 - Heap-based buffer overflow in sudo
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege
100RISK
open ↗GitHub PoC★ 1
PoC Magento Session Reaper - CVE-2025-54236
Adobe Commerce | Improper Input Validation (CWE-20)
100RISK
open ↗GitHub PoC
SEH-based buffer overflow in Easy File Sharing Web Server 7.2, reachable through the password recovery endpoint.
Easy File Sharing HTTP Server 7.2 Buffer Overflow via POST to /sendemail.ghp
63RISK
open ↗GitHub PoC
Classic stack-based buffer overflow in War FTP Daemon 1.65 demonstrating old-school remote code execution through malformed FTP commands.
Stack-based buffer overflow in War FTP Daemon 1.65, and possibly earlier, allows remote attackers to cause a denial of s
35RISK
open ↗GitHub PoC
Performing multiple time-based blind injections for the same character and selecting the most frequent result significantly reduces errors and improves reliability, through it is time-consuming.
Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64
75RISK
open ↗GitHub PoC
havertz2110/CVE-2024-48510-PoC
Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code vi
48RISK
open ↗GitHub PoC
vsftpd 2.3.4 Backdoor Exploit (CVE-2011-2523)
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
60RISK
open ↗GitHub PoC
tayW84/CVE-2019-10945----Python3
An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder param
35RISK
open ↗GitHub PoC
Classic stack-based buffer overflow in Savant Web Server 3.1 demonstrating early-2000s remote memory corruption through a crafted HTTP request.
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP G
50RISK
open ↗GitHub PoC
Exploit based in /jaiguptanick/CVE-2019-0232
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0
60RISK
open ↗GitHub PoC
Classic stack-based buffer overflow in SLMail 5.1 showing how early mail servers could be compromised through oversized SMTP and POP3 commands.
Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO arg
60RISK
open ↗GitHub PoC
Practical lab focused on vulnerability analysis and exploit development, using FreeFloat FTP Server 1.0 as an educational buffer overflow case study and documenting the setup, analysis and exploitation workflow
FreeFloat FTP Server NOOP Command buffer overflow
38RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.