Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
22,467 exploits
Exploit-DB
Nacos 2.0.3 - Access Control vulnerability
An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on l
23RISK
open ↗Exploit-DB
sudo 1.8.0 to 1.9.12p1 - Privilege Escalation
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environmen
68RISK
open ↗Exploit-DB
GLPI v10.0.2 - SQL Injection (Authentication Depends on Configuration)
SQL injection with _actor parameter in GLPI
48RISK
open ↗Exploit-DB
sleuthkit 4.11.1 - Command Injection
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a cra
41RISK
open ↗Exploit-DB
Roxy WI v6.1.1.0 - Unauthenticated Remote Code Execution (RCE) via ssl_cert Upload
Roxy-WI Vulnerable to Unauthenticated Remote Code Execution via ssl_cert Upload
68RISK
open ↗Exploit-DB
Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)
XSS in signing form in Reprise Software RLM License Administration v14.2BL4 allows remote attacker to inject arbitrary c
33RISK
open ↗Exploit-DB
Enlightenment v0.25.3 - Privilege escalation
enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and th
56RISK
open ↗Exploit-DB
Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS)
Reflected cross-site scripting (XSS) exists in Sandbox examples in the YUI2 repository. The download distributions, Tree
38RISK
open ↗Exploit-DB
TP-Link TL-WR902AC firmware 210730 (V3) - Remote Code Execution (RCE) (Authenticated)
TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a De
53RISK
open ↗Exploit-DB
perfSONAR v4.4.5 - Partial Blind CSRF
perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attack
33RISK
open ↗Exploit-DB
Nexxt Router Firmware 42.103.1.5095 - Remote Code Execution (RCE) (Authenticated)
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by
53RISK
open ↗Exploit-DB
GitLab v15.3 - Remote Code Execution (RCE) (Authenticated)
A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3
70RISK
open ↗Exploit-DB
Apache 2.4.x - Buffer Overflow
Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier
45RISK
open ↗Exploit-DB
Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution (RCE)
login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execut
100RISK
open ↗Exploit-DB
AD Manager Plus 7122 - Remote Code Execution (RCE)
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗Exploit-DB
rconfig 3.9.7 - Sql Injection (Authenticated)
A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= (this may
41RISK
open ↗Exploit-DB
qubes-mirage-firewall v0.8.3 - Denial Of Service (DoS)
qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to cause a denial of s
61RISK
open ↗Exploit-DB
Cacti v1.2.22 - Remote Command Execution (RCE)
Unauthenticated Command Injection
100RISK
open ↗Exploit-DB
EQ Enterprise management system v2.2.0 - SQL Injection
EQ v1.5.31 to v2.2.0 was discovered to contain a SQL injection vulnerability via the UserPwd parameter.
48RISK
open ↗Exploit-DB
Device Manager Express 7.8.20002.47752 - Remote Code Execution (RCE)
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is an unauthenticated SQL injec
68RISK
open ↗Exploit-DB
Device Manager Express 7.8.20002.47752 - Remote Code Execution (RCE)
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. Remote code execution can be achie
60RISK
open ↗Exploit-DB
LISTSERV 17 - Reflected Cross Site Scripting (XSS)
A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary
48RISK
open ↗Exploit-DB
Device Manager Express 7.8.20002.47752 - Remote Code Execution (RCE)
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is directory traversal during f
28RISK
open ↗Exploit-DB
Device Manager Express 7.8.20002.47752 - Remote Code Execution (RCE)
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. BrowseFiles.php allows a ?cmd=ssh
28RISK
open ↗Exploit-DB
LISTSERV 17 - Insecure Direct Object Reference (IDOR)
The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References (IDOR) attacks via a
41RISK
open ↗Exploit-DB
CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token
CrowdStrike Falcon Uninstallation authorization
28RISK
open ↗Exploit-DB
WP All Import v3.6.7 - Remote Code Execution (RCE) (Authenticated)
Import any XML or CSV File to WordPress <= 3.6.7 - Admin+ Malicious File Upload
46RISK
open ↗Exploit-DB
OPSWAT Metadefender Core - Privilege Escalation
OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5
23RISK
open ↗Exploit-DB
Tapo C310 RTSP server v1.3.0 - Unauthorised Video Stream Access
TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User --- and Password TPL07552646
41RISK
open ↗Exploit-DB
Pega Platform 8.1.0 - Remote Code Execution (RCE)
If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Inte
48RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.