Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,097cataloged exploits
31,644CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,099VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
4,187 exploits
Nucleimedium
WordPress Yuzo <5.12.94 - Cross-Site Scripting
The Yuzo Related Posts plugin 5.12.94 for WordPress has XSS because it mistakenly expects that is_admin() verifies that
18RISK
open ↗Nucleihigh
Yellow Pencil Visual Theme Customizer < 7.2.1 - Privilege Escalation
The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress all
18RISK
open ↗Nucleihigh
GrandNode 4.40 - Local File Inclusion
A Path Traversal vulnerability in Controllers/LetsEncryptController.cs in LetsEncryptController in GrandNode 4.40 allows
50RISK
open ↗Nucleicritical
Deltek Maconomy 2.2.5 - Local File Inclusion
Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as
60RISK
open ↗Nucleimedium
WebPort 1.19.1 - Cross-Site Scripting
Web Port 1.19.1 allows XSS via the /log type parameter.
38RISK
open ↗Nucleimedium
Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting
A reflective Cross-site scripting (XSS) vulnerability in the free_time_failed.cgi CGI program in selected Zyxel ZyWall,
18RISK
open ↗Nucleicritical
Zyxel ZyWall UAG/USG - Account Creation Access
Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attack
30RISK
open ↗Nucleihigh
IceWarp Mail Server <=10.4.4 - Local File Inclusion
IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index
50RISK
open ↗Nucleicritical
Zeroshell 3.9.0 - Remote Command Execution
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web ap
60RISK
open ↗Nucleihigh
Shopware < 5.5.8 - Cross-Site Scripting
Shopware before 5.5.8 has XSS via the Query String to the backend/Login or backend/Login/load/ URI.
36RISK
open ↗Nucleimedium
LiveZilla Server 8.0.1.0 - Cross-Site Scripting
LiveZilla Server before 8.0.1.1 is vulnerable to XSS in mobile/index.php via the Accept-Language HTTP header.
38RISK
open ↗Nucleicritical
Citrix SD-WAN Center - Remote Command Injection
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of
30RISK
open ↗Nucleicritical
Citrix SD-WAN Center - Remote Command Injection
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of
30RISK
open ↗Nucleicritical
Citrix SD-WAN Center - Remote Command Injection
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of
30RISK
open ↗Nucleicritical
Citrix SD-WAN Center - Remote Command Injection
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of
30RISK
open ↗Nucleicritical
Citrix SD-WAN and NetScaler SD-WAN - SQL Injection
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.
100RISK
open ↗Nucleicritical
Citrix SD-WAN Center - Local File Inclusion
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.
30RISK
open ↗Nucleicritical
D-Link DIR-600M - Authentication Bypass
An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without
50RISK
open ↗Nucleicritical
D-Link Central WiFi Manager CWM(100) - Remote Code Execution
/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote atta
40RISK
open ↗Nucleimedium
MindPalette NateMail 3.0.15 - Cross-Site Scripting
A reflected Cross-Site Scripting (XSS) vulnerability in MindPalette NateMail 3.0.15 allows an attacker to execute remote
18RISK
open ↗Nucleimedium
FlightPath - Local File Inclusion
FlightPath 4.x and 5.0-x allows directory traversal and Local File Inclusion through the form_include parameter in an in
50RISK
open ↗Nucleicritical
Lansweeper Unauthenticated SQL Injection
Lansweeper before 7.1.117.4 allows unauthenticated SQL injection.
23RISK
open ↗Nucleihigh
Citrix StoreFront Server - XML External Entity
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE at
78RISK
open ↗Nucleihigh
WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion
A Local File Inclusion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attac
30RISK
open ↗Nucleihigh
Nevma Adaptive Images - Arbitrary File Deletion
An Arbitrary File Deletion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote a
38RISK
open ↗Nucleimedium
Alfresco Share - Open Redirect
An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share applicat
18RISK
open ↗Nucleihigh
T24 Web Server - Local File Inclusion
An issue was discovered in T24 in TEMENOS Channels R15.01. The login page presents JavaScript functions to access a docu
18RISK
open ↗Nucleimedium
Aptana Jaxer 1.0.3.4547 - Local File inclusion
Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This v
43RISK
open ↗Nucleihigh
Pallets Werkzeug <0.15.5 - Local File Inclusion
In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames.
50RISK
open ↗Nucleimedium
WordPress UserPro 4.9.32 - Cross-Site Scripting
cosenary Instagram-PHP-API (aka Instagram PHP API V2), as used in the UserPro plugin through 4.9.32 for WordPress, has X
60RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.