Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8.069Nuclei 4.188Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.810 exploits
Referência
PHPKB Multi-Language 9 - Authenticated Directory Traversal
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files
23RISCO
abrir ↗Referência
Downline Goldmine Builder - SQL Injection
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and D
23RISCO
abrir ↗Referência
CVE-2020-12712
A vulnerability based on insecure user/password encryption in the JOE (job editor) component of SOS JobScheduler 1.12 an
23RISCO
abrir ↗Referência
CVE-2013-1806
Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include an
23RISCO
abrir ↗Referência
Autodesk DWF Viewer Control / LiveUpdate Module - Remote Code Execution
The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009
23RISCO
abrir ↗Referência
CVE-2011-4644
Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functionality within an envir
23RISCO
abrir ↗Referência
CVE-2011-4106
TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, which allows remote a
28RISCO
abrir ↗Referência
Imageview 5.3 - 'fileview.php?album' Local File Inclusion
Directory traversal vulnerability in fileview.php in Imageview 5.3 allows remote attackers to read arbitrary files via a
23RISCO
abrir ↗Referência
CVE-2012-2271
Buffer overflow in the InitLicenKeys function in a certain ActiveX control in SkinCrafter3_vs2005.dll in SkinCrafter 3.0
23RISCO
abrir ↗Referência
CVE-2011-4106
TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, which allows remote a
28RISCO
abrir ↗Referência
Quicksilver Forums 1.2.1 - Remote File Inclusion
PHP remote file inclusion vulnerability in lib/activeutil.php in Quicksilver Forums (QSF) 1.2.1 and earlier allows remot
23RISCO
abrir ↗Referência
Shadows Rising RPG 0.0.5b - Remote File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Shadows Rising RPG (Pre-Alpha) 0.0.5b and earlier allow remote att
23RISCO
abrir ↗Referência
Simple Discussion Board 0.1.0 - Remote File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Simple Discussion Board 0.1.0 allow remote attackers to execute ar
23RISCO
abrir ↗Referência
CVE-2018-10608
SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited when the AcSELerator Architect FTP client connects
23RISCO
abrir ↗Referência
CGX 20050314 - 'pathCGX' Remote File Inclusion
Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code
23RISCO
abrir ↗Referência
SendStudio 2004.14 - 'ROOTDIR' Remote File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Interspire SendStudio 2004.14 and earlier, when register_globals a
23RISCO
abrir ↗Referência
CVE-2019-19142
Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request to the incoming/Firmwa
23RISCO
abrir ↗Referência
Sphider 1.3 - 'configset.php' Remote File Inclusion
PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and earlier, when register_globals is disa
23RISCO
abrir ↗Referência
Downline Goldmine Category Addon - SQL Injection
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and D
23RISCO
abrir ↗Referência
IntelliTamper 2.0.7 - HTML Parser Remote Buffer Overflow (PoC)
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code
23RISCO
abrir ↗Referência
IntelliTamper 2.0.7 - HTML Parser Remote Buffer Overflow
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code
23RISCO
abrir ↗Referência
IntelliTamper 2.0.7 - HTML Parser Remote Buffer Overflow
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code
23RISCO
abrir ↗Referência
Downline Goldmine newdownlinebuilder - SQL Injection
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and D
23RISCO
abrir ↗Referência
Downline Goldmine paidversion - SQL Injection
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and D
23RISCO
abrir ↗Referência
CVE-2022-34140
A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to
23RISCO
abrir ↗Referência
CVE-2022-34140
A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to
23RISCO
abrir ↗Referência
IntelliTamper 2.07/2.08 Beta 4 - A HREF Remote Buffer Overflow
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code
23RISCO
abrir ↗Referência
CVE-2012-3549
The SCTP implementation in FreeBSD 8.2 allows remote attackers to cause a denial of service (NULL pointer dereference an
23RISCO
abrir ↗Referência
CVE-2021-27825
A directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read arbitrary files via a web-stati
41RISCO
abrir ↗Referência
CVE-2013-3956
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2
38RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.