Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit600
GLPI htmLawed php command injection
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection.
100RISK
open ↗Metasploit600
Local Privilege Escalation in polkits pkexec
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISK
open ↗Metasploit300
Wordpress RegistrationMagic task_ids Authenticated SQLi
RegistrationMagic < 5.0.1.6 - Admin+ SQL Injection
60RISK
open ↗Metasploit600
Oracle Access Manager unauthenticated Remote Code Execution
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent). Supported ver
95RISK
open ↗Metasploit600
TerraMaster TOS 4.2.15 or lower - RCE chain from unauthenticated to root via session crafting.
It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by send
23RISK
open ↗Metasploit600
TerraMaster TOS 4.2.15 or lower - RCE chain from unauthenticated to root via session crafting.
In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cookies by knowing the ta
18RISK
open ↗Metasploit600
TerraMaster TOS 4.2.15 or lower - RCE chain from unauthenticated to root via session crafting.
It is possible to obtain the first administrator's hash set up on the system in Terramaster F4-210, F2-210 TOS 4.2.X (4.
18RISK
open ↗Metasploit600
SonicWall SMA 100 Series Authenticated Command Injection
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allo
58RISK
open ↗Metasploit300
WordPress Modern Events Calendar SQLi Scanner
Modern Events Calendar < 6.1.5 - Unauthenticated Blind SQL Injection
60RISK
open ↗Metasploit600
MobileIron Core Unauthenticated JNDI Injection RCE (via Log4Shell)
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗Metasploit300
Log4Shell HTTP Scanner
Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack
100RISK
open ↗Metasploit600
Microsoft Exchange Server ChainedSerializationBinder RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
48RISK
open ↗Metasploit600
Microsoft Exchange Server ChainedSerializationBinder RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
100RISK
open ↗Metasploit600
VMware vCenter Server Unauthenticated JNDI Injection RCE (via Log4Shell)
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗Metasploit600
Log4Shell HTTP Header Injection
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗Metasploit300
Log4Shell HTTP Scanner
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗Metasploit600
UniFi Network Application Unauthenticated JNDI Injection RCE (via Log4Shell)
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗Metasploit600
AjaxPro Deserialization Remote Code Execution
Deserialization of Untrusted Data
58RISK
open ↗Metasploit600
Ivanti Cloud Services Appliance (CSA) Command Injection
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execut
100RISK
open ↗Metasploit300
Wordpress Secure Copy Content Protection and Content Locking sccp_id Unauthenticated SQLi
Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection
60RISK
open ↗Metasploit600
Sitecore Experience Platform (XP) PreAuth Deserialization RCE
Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it
100RISK
open ↗Metasploit600
Cisco RV Series Authentication Bypass and Command Injection
Cisco Small Business RV Series Routers Vulnerabilities
85RISK
open ↗Metasploit600
Cisco RV Series Authentication Bypass and Command Injection
Cisco Small Business RV Series Routers Vulnerabilities
85RISK
open ↗Metasploit300
ChurchInfo 1.2.13-1.3.0 Authenticated RCE
CartView.php in ChurchInfo 1.3.0 allows attackers to achieve remote code execution through insecure uploads. This requir
41RISK
open ↗Metasploit300
WordPress WPS Hide Login Login Page Revealer
WPS Hide Login < 1.9.1 - Protection Bypass with Referer-Header
40RISK
open ↗Metasploit600
Apache Storm Nimbus getTopologyHistory Unauthenticated Command Execution
Shell Command Injection Vulnerability in Nimbus Thrift Server
40RISK
open ↗Metasploit300
BillQuick Web Suite txtID SQLi
BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution
95RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.