Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
4,187 exploits
Nucleimedium
OEcms 3.1 - Cross-Site Scripting
A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerabil
38RISK
open
Nucleicritical
Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid Access Control
Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection A
50RISK
open
Nucleihigh
Seagate NAS OS 4.3.15.1 - Server Information Disclosure
Insufficient access control in /api/external/7.0/system.System.get_infos in Seagate NAS OS version 4.3.15.1 allows attac
23RISK
open
Nucleimedium
Seagate NAS OS 4.3.15.1 - Open Redirect
Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in th
18RISK
open
Nucleicritical
Intelbras NPLUG 1.0.0.14 - Authentication Bypass
Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate
18RISK
open
Nucleihigh
PhpMyAdmin <4.8.2 - Local File Inclusion
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute
60RISK
open
Nucleicritical
CirCarLife Scada <4.3 - System Log Exposure
CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/lo
50RISK
open
Nucleimedium
SV3C HD Camera L Series - Open Redirect
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) does not perform origin
18RISK
open
Nucleimedium
Spring MVC Framework - Local File Inclusion
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow app
30RISK
open
Nucleicritical
Spring Data Commons - Remote Code Execution
CVE-2018-1273CRITICALunder attackransomware
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property
100RISK
open
Nucleihigh
Webgrind <= 1.5 - Local File Inclusion
Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem (that the we
23RISK
open
Nucleimedium
Zoho manageengine - Cross-Site Scripting
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network
40RISK
open
Nucleimedium
TOTOLINK A3002RU 1.0.8 - Information Disclosure
Password disclosure in password.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to obtain the plaintext password
18RISK
open
Nucleihigh
Apache Tika < 1.1.8 - Header Command Injection
From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to
60RISK
open
Nucleicritical
Fortinet FortiOS - Credentials Disclosure
CVE-2018-13379CRITICALunder attackransomware
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.
100RISK
open
Nucleimedium
Fortinet FortiOS - Cross-Site Scripting
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and
40RISK
open
Nucleimedium
Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion
The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclos
38RISK
open
Nucleimedium
Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting
Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients.
18RISK
open
Nucleicritical
VelotiSmart Wifi - Directory Traversal
The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../..
50RISK
open
Nucleimedium
Orange Forum 1.4.0 - Open Redirect
views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup.
18RISK
open
Nucleimedium
Django - Open Redirect
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.
23RISK
open
Nucleicritical
Responsive filemanager 9.13.1 Server-Side Request Forgery
upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter.
60RISK
open
Nucleihigh
cgit < 1.2.1 - Directory Traversal
cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned
60RISK
open
Nucleicritical
Loytec LGATE-902 <6.4.2 - Local File Inclusion
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.
23RISK
open
Nucleihigh
LOYTEC LGATE-902 6.3.2 - Local File Inclusion
LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal.
23RISK
open
Nucleimedium
Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect
An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exis
18RISK
open
Nucleicritical
NUUO NVRmini - Remote Command Execution
CVE-2018-14933CRITICALunder attack
upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir par
100RISK
open
Nucleihigh
LG-Ericsson iPECS NMS 30M - Local File Inclusion
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs.
23RISK
open
Nucleihigh
D-Link Central WifiManager - Server-Side Request Forgery
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an
30RISK
open
Nucleihigh
Responsive FileManager <9.13.4 - Local File Inclusion
/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 uses external input to construct a pathname
50RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.