Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,097cataloged exploits
31,644CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,099VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit300
Cisco 7937G SSH Privilege Escalation
A privilege escalation issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to re
23RISK
open ↗Metasploit300
Cisco 7937G Denial-of-Service Reboot Attack
A denial-of-service in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers restart the de
40RISK
open ↗Metasploit300
Cisco 7937G Denial-of-Service Attack
A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remot
23RISK
open ↗Metasploit300
Directory Traversal in Spring Cloud Config Server
Directory Traversal with spring-cloud-config-server
100RISK
open ↗Metasploit300
Cisco DCNM auth bypass
Cisco Data Center Network Manager Authentication Bypass Vulnerabilities
85RISK
open ↗Metasploit300
Documalis Free PDF Editor and Scanner JPEG Stack Buffer Overflow
Documalis Free PDF Editor / Free PDF Scanner Stack Based Buffer Overflow
28RISK
open ↗Metasploit600
Geutebruck testaction.cgi Remote Command Execution
Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code
30RISK
open ↗Metasploit300
BIND TSIG Badtime Query Denial of Service
A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
78RISK
open ↗Metasploit600
LinuxKI Toolset 6.01 Remote Command Execution
LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2.
60RISK
open ↗Metasploit600
Plesk/myLittleAdmin ViewState .NET Deserialization
The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcod
60RISK
open ↗Metasploit300
WordPress ChopSlider3 id SQLi Scanner
A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in
60RISK
open ↗Metasploit600
Wordpress Drag and Drop Multi File Uploader RCE
The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Uploa
60RISK
open ↗Metasploit600
Pi-Hole heisenbergCompensator Blocklist OS Command Execution
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abus
60RISK
open ↗Metasploit500
Bolt CMS 3.7.0 - Authenticated Remote Code Execution
Bolt CMS Authenticated Remote Code Execution via Profile Injection and File Rename
36RISK
open ↗Metasploit300
Plex Unpickle Dict Windows RCE
Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arb
100RISK
open ↗Metasploit300
SaltStack Salt Master Server Root Key Disclosure
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RISK
open ↗Metasploit300
WebLogic Server Deserialization RCE BadAttributeValueExpException ExtComp
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions th
100RISK
open ↗Metasploit500
SaltStack Salt Master/Minion Unauthenticated RCE
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RISK
open ↗Metasploit500
SaltStack Salt Master/Minion Unauthenticated RCE
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RISK
open ↗Metasploit300
SaltStack Salt Master Server Root Key Disclosure
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RISK
open ↗Metasploit600
TP-Link Cloud Cameras NCXXX Bonjour Command Injection
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220
40RISK
open ↗Metasploit300
Wordpress LearnPress current_items Authenticated SQLi
LearnPress Wordpress plugin version prior and including 3.2.6.7 is vulnerable to SQL Injection
50RISK
open ↗Metasploit600
Netsweeper WebAdmin unixlogin.php Python Code Injection
Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain
40RISK
open ↗Metasploit600
TrixBox CE endpoint_devicemap.php Authenticated Command Execution
Fonality Trixbox CE Post-Authentication Command Injection
48RISK
open ↗Metasploit600
GOG GalaxyClientService Privilege Escalation
GOG Galaxy GalaxyClientService Privilege Escalation
36RISK
open ↗Metasploit400
WordPress Simple File List Unauthenticated Remote Code Execution
Simple File List < 4.2.3 - Remote Code Execution
68RISK
open ↗Metasploit300
IBM Data Risk Manager Arbitrary File Download
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security rest
95RISK
open ↗Metasploit300
IBM Data Risk Manager Arbitrary File Download
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrativ
65RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.