Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
22,469 exploits
Exploit-DB
WordPress Plugin ProfilePress 3.1.3 - Privilege Escalation (Unauthenticated)
ProfilePress 3.0 - 3.1.3 - Unauthenticated Privilege Escalation
75RISK
open ↗Exploit-DB
Strapi 3.0.0-beta - Set Password (Unauthenticated)
strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/s
60RISK
open ↗Exploit-DB
Strapi 3.0.0-beta.17.7 - Remote Code Execution (RCE) (Authenticated)
The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin c
35RISK
open ↗Exploit-DB
HP OfficeJet 4630/7110 MYM1FN2025AR/2117A - Stored Cross-Site Scripting (XSS)
A potential security vulnerability has been identified for the HP OfficeJet 7110 Wide Format ePrinter that enables Cross
23RISK
open ↗Exploit-DB
crossfire-server 1.9.0 - 'SetUp()' Remote Buffer Overflow
Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrar
28RISK
open ↗Exploit-DB
SonicWall NetExtender 10.2.0.300 - Unquoted Service Path
SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to
23RISK
open ↗Exploit-DB
Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)
Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workfl
35RISK
open ↗Exploit-DB
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function.
60RISK
open ↗Exploit-DB
Amica Prodigy 1.7 - Privilege Escalation
A vulnerability was found in CIR 2000 / Gestionale Amica Prodigy v1.7. The Amica Prodigy's executable "RemoteBackup.Serv
23RISK
open ↗Exploit-DB
Xiaomi browser 10.2.4.g - Browser Search History Disclosure
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider
28RISK
open ↗Exploit-DB
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function.
60RISK
open ↗Exploit-DB
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
CMSuno 1.7 is vulnerable to an authenticated stored cross site scripting in modifying the filename parameter (tgo) while
23RISK
open ↗Exploit-DB
qdPM 9.1 - Remote Code Execution (Authenticated)
A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code
60RISK
open ↗Exploit-DB
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE)
XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
60RISK
open ↗Exploit-DB
CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF)
A Cross Site Request Forgery (CSRF) issue in Server Console in CloverDX through 5.9.0 allows remote attackers to execute
23RISK
open ↗Exploit-DB
Elasticsearch ECE 7.13.3 - Anonymous Database Dump
All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters.
28RISK
open ↗Exploit-DB
Microsoft SharePoint Server 2019 - Remote Code Execution (2)
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the softwar
100RISK
open ↗Exploit-DB
ElasticSearch 7.13.3 - Memory disclosure
A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the abil
60RISK
open ↗Exploit-DB
Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery (CSRF)
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's ru
35RISK
open ↗Exploit-DB
WordPress Plugin LearnPress 3.2.6.7 - 'current_items' SQL Injection (Authenticated)
LearnPress Wordpress plugin version prior and including 3.2.6.7 is vulnerable to SQL Injection
50RISK
open ↗Exploit-DB
PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection
PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest (unauthenticated) can inject a malicious SQ
23RISK
open ↗Exploit-DB
Aruba Instant 8.7.1.0 - Arbitrary File Modification
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in v
28RISK
open ↗Exploit-DB
ForgeRock Access Manager 14.6.3 - Remote Code Execution (RCE) (Unauthenticated)
ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pa
100RISK
open ↗Exploit-DB
Aruba Instant (IAP) - Remote Code Execution
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products
28RISK
open ↗Exploit-DB
Aruba Instant (IAP) - Remote Code Execution
A remote cross-site scripting (xss) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in ve
43RISK
open ↗Exploit-DB
WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution (RCE) (Authenticated)
WordPress Popular Posts <= 5.3.2 Authenticated Arbitrary File Upload
78RISK
open ↗Exploit-DB
Aruba Instant (IAP) - Remote Code Execution
A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s
35RISK
open ↗Exploit-DB
Aruba Instant (IAP) - Remote Code Execution
A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s
28RISK
open ↗Exploit-DB
Aruba Instant (IAP) - Remote Code Execution
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in v
23RISK
open ↗Exploit-DB
Aruba Instant (IAP) - Remote Code Execution
A remote arbitrary directory create vulnerability was discovered in some Aruba Instant Access Point (IAP) products in ve
35RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.