Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.114exploits catalogados
31.649CVEs con explotación pública
0probados en laboratorio
22.467 exploits
Exploit-DB
Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting (XSS)
CVE-2020-1872308 feb 2021
Stored cross-site scripting (XSS) in file attachment field in MDaemon webmail 19.5.5 allows an attacker to execute code
23RIESGO
abrir
Exploit-DB
Pixelimity 1.0 - 'password' Cross-Site Request Forgery
CVE-2020-2352203 feb 2021
Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter.
23RIESGO
abrir
Exploit-DB
Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)
CVE-2021-3156HIGHbajo ataque03 feb 2021
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege
100RIESGO
abrir
Exploit-DB
Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)
CVE-2021-3156HIGHbajo ataque03 feb 2021
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege
100RIESGO
abrir
Exploit-DB
Klog Server 2.4.1 - Command Injection (Authenticated)
CVE-2021-331701 feb 2021
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of
35RIESGO
abrir
Exploit-DB
Quick.CMS 6.7 - Remote Code Execution (Authenticated)
CVE-2020-3575429 ene 2021
OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow an authenticated user to perform code injection (and consequentl
28RIESGO
abrir
Exploit-DB
MyBB Hide Thread Content Plugin 1.0 - Information Disclosure
CVE-2021-333729 ene 2021
The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading re
28RIESGO
abrir
Exploit-DB
CMSUno 1.6.2 - 'lang' Remote Code Execution (Authenticated)
CVE-2020-2555728 ene 2021
In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "username" while changing his/her username & password. A
23RIESGO
abrir
Exploit-DB
Metasploit Framework 6.0.11 - msfvenom APK template command injection
CVE-2020-7384HIGH28 ene 2021
Client-Side Command Injection in Rapid7 Metasploit
68RIESGO
abrir
Exploit-DB
CMSUno 1.6.2 - 'lang' Remote Code Execution (Authenticated)
CVE-2020-2553828 ene 2021
An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and r
23RIESGO
abrir
Exploit-DB
Fuel CMS 1.4.1 - Remote Code Execution (2)
CVE-2018-1676328 ene 2021
FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This ca
60RIESGO
abrir
Exploit-DB
Tenda AC5 AC1200 Wireless - 'WiFi Name & Password' Stored Cross Site Scripting
CVE-2021-318626 ene 2021
A Stored Cross-site scripting (XSS) vulnerability in /main.html Wifi Settings in Tenda AC5 AC1200 version V15.03.06.47_m
23RIESGO
abrir
Exploit-DB
Oracle WebLogic Server 12.2.1.0 - RCE (Unauthenticated)
CVE-2020-14882CRITICALbajo ataque26 ene 2021
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions
100RIESGO
abrir
Exploit-DB
Klog Server 2.4.1 - Unauthenticated Command Injection (Metasploit)
CVE-2020-3572925 ene 2021
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
60RIESGO
abrir
Exploit-DB
Oracle WebLogic Server 14.1.1.0 - RCE (Authenticated)
CVE-2021-2109HIGH22 ene 2021
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions
63RIESGO
abrir
Exploit-DB
Atlassian Confluence Widget Connector Macro - SSTI
CVE-2019-3396CRITICALbajo ataqueransomware22 ene 2021
The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from vers
100RIESGO
abrir
Exploit-DB
Wordpress Plugin Simple Job Board 2.9.3 - Authenticated File Read (Metasploit)
CVE-2020-3574921 ene 2021
Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2
50RIESGO
abrir
Exploit-DB
Anchor CMS 0.12.7 - CSRF (Delete user)
CVE-2020-2334221 ene 2021
A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users.
28RIESGO
abrir
Exploit-DB
osTicket 1.14.2 - SSRF
CVE-2020-2488119 ene 2021
SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning.
60RIESGO
abrir
Exploit-DB
Laravel 8.4.2 debug mode - Remote code execution
CVE-2021-3129CRITICALbajo ataqueransomware14 ene 2021
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitra
100RIESGO
abrir
Exploit-DB
Nagios XI 5.7.X - Remote Code Execution RCE (Authenticated)
CVE-2020-3557814 ene 2021
An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature
60RIESGO
abrir
Exploit-DB
Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit)
CVE-2020-17519CRITICALbajo ataque08 ene 2021
Apache Flink directory traversal attack: reading remote files through the REST API
100RIESGO
abrir
Exploit-DB
PaperStream IP (TWAIN) 1.42.0.5685 - Local Privilege Escalation
CVE-2018-1615606 ene 2021
In PaperStream IP (TWAIN) 1.42.0.5685 (Service Update 7), the FJTWSVIC service running with SYSTEM privilege processes u
23RIESGO
abrir
Exploit-DB
Sonatype Nexus 3.21.1 - Remote Code Execution (Authenticated)
CVE-2020-10199HIGHbajo ataque06 ene 2021
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).
100RIESGO
abrir
Exploit-DB
IPeakCMS 3.5 - Boolean-based blind SQLi
CVE-2021-301806 ene 2021
ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable to an unauthenticated Boolean-based SQL injection via the
43RIESGO
abrir
Exploit-DB
Gitea 1.7.5 - Remote Code Execution
CVE-2019-1122906 ene 2021
models/repo_mirror.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 mishandles mirror repo URL settings, leading to rem
35RIESGO
abrir
Exploit-DB
IncomCMS 2.0 - Insecure File Upload
CVE-2020-2959705 ene 2021
IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows un
60RIESGO
abrir
Exploit-DB
Klog Server 2.4.1 - Command Injection (Unauthenticated)
CVE-2020-3572905 ene 2021
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
60RIESGO
abrir
Exploit-DB
Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission
CVE-2020-2816905 ene 2021
The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory
23RIESGO
abrir
Exploit-DB
Mantis Bug Tracker 2.24.3 - 'access' SQL Injection
CVE-2020-28413MEDIUM04 ene 2021
In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mc_project_get_users function through the A
33RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.