Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
4,187 exploits
Nucleihigh
Argus Surveillance DVR 4.0.0.0 - Local File Inclusion
Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F
60RISK
open
Nucleihigh
DotNetNuke 9.2 - 9.2.1 - Weak Encryption & Cookie Deserialization
CVE-2018-15811HIGHunder attack
DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.
100RISK
open
Nucleimedium
Jorani Leave Management System 0.6.5 - Cross-Site Scripting
Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HT
38RISK
open
Nucleicritical
Adobe ColdFusion - Unrestricted File Upload Remote Code Execution
CVE-2018-15961CRITICALunder attack
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unr
100RISK
open
Nucleimedium
WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion
Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename par
43RISK
open
Nucleimedium
Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion
Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal via a ../ in the URI.
50RISK
open
Nucleimedium
BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in BIBLIOsoft BIBLIOpac 2008 allows remote attackers to inject arbitrary web sc
18RISK
open
Nucleicritical
WordPress Gift Voucher <4.1.8 - Blind SQL Injection
The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/ad
30RISK
open
Nucleicritical
LogonTracer <=1.2.0 - Remote Command Injection
LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
60RISK
open
Nucleicritical
WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion
The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter.
50RISK
open
Nucleihigh
LG SuperSign EZ CMS 2.5 - Local File Inclusion
LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.
50RISK
open
Nucleihigh
WordPress Localize My Post 1.0 - Local File Inclusion
The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter.
50RISK
open
Nucleimedium
WordPress File Manager < 3.0 - Cross-Site Scripting
The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_f
18RISK
open
Nucleimedium
CirCarLife <4.3 - Improper Authentication
An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the l
18RISK
open
Nucleimedium
CirCarLife <4.3 - Improper Authentication
An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is PLC status disclosure due to lack of authenticatio
23RISK
open
Nucleimedium
CirCarLife <4.3 - Improper Authentication
An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is system software information disclosure due to lack
18RISK
open
Nucleicritical
NCBI ToolBox - Directory Traversal
A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox, whic
18RISK
open
Nucleimedium
Eventum <3.4.0 - Open Redirect
Eventum before 3.4.0 has an open redirect vulnerability.
18RISK
open
Nucleicritical
FUEL CMS 1.4.1 - Remote Code Execution
FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This ca
60RISK
open
Nucleicritical
Rubedo CMS <=3.4.0 - Directory Traversal
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attac
50RISK
open
Nucleimedium
Monstra CMS 3.0.4 - HTTP Header Injection
Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter, a related i
18RISK
open
Nucleimedium
Apache2 - Transfer-Encoding Chunked XSS
The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS
18RISK
open
Nucleicritical
Western Digital MyCloud NAS - Authentication Bypass
It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulne
40RISK
open
Nucleicritical
LG Supersign EZ CMS - Remote Code Execution
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getT
50RISK
open
Nucleicritical
WordPress Duplicator Plugin < 1.2.42 - Arbitrary Code Execution
An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files (installer.php and
30RISK
open
Nucleicritical
Kibana - Local File Inclusion
Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with
60RISK
open
Nucleicritical
Joomla! JCK Editor SQL Injection
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.
60RISK
open
Nucleihigh
Zoho ManageEngine OpManager - SQL Injection
Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as de
30RISK
open
Nucleimedium
DotCMS < 5.0.2 - Open Redirect
dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/
18RISK
open
Nucleicritical
Comodo Unified Threat Management Web Console - Remote Code Execution
Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication
60RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.