Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
4,188 exploits
Nucleihigh
Apache Tomcat `CGIServlet` enableCmdLineArguments - Remote Code Execution
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0
60RISK
open ↗Nucleihigh
Jenkins Script Security Plugin <=1.49 - Sandbox Bypass
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/
60RISK
open ↗Nucleicritical
Kentico CMS Insecure Deserialization Remote Code Execution
An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions
100RISK
open ↗Nucleimedium
Apache HTTP Server <=2.4.39 - HTML Injection/Partial Cross-Site Scripting
In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page
60RISK
open ↗Nucleimedium
Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect
In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential m
60RISK
open ↗Nucleimedium
Timesheet Next Gen <=1.5.3 - Cross-Site Scripting
Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to ex
18RISK
open ↗Nucleimedium
Babel - Open Redirect
Babel: Multilingual site Babel All is affected by: Open Redirection. The impact is: Redirection to any URL, which is sup
18RISK
open ↗Nucleicritical
Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection
Teclib GLPI through 9.3.3 has SQL injection via the "cycle" parameter in /scripts/unlock_tasks.php.
23RISK
open ↗Nucleimedium
Jenkins <=2.196 - Cookie Exposure
Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value of the "Cookie" HTTP request header on the /whoAmI/
30RISK
open ↗Nucleimedium
Jenkins build-metrics 1.3 - Cross-Site Scripting
A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML
50RISK
open ↗Nucleicritical
WordPress Google Maps <7.11.18 - SQL Injection
In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize
40RISK
open ↗Nucleihigh
BlogEngine.NET 3.3.7.0 - Local File Inclusion
BlogEngine.NET 3.3.7.0 allows /api/filemanager Directory Traversal via the path parameter.
18RISK
open ↗Nucleicritical
mongo-express Remote Code Execution
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse
100RISK
open ↗Nucleimedium
Nimble Streamer <=3.5.4-9 - Local File Inclusion
Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal vulnerability. Successful exploitation could allow
43RISK
open ↗Nucleihigh
Debug Endpoint pprof - Exposure Detection
Kubernetes kubelet exposes /debug/pprof info on healthz port
40RISK
open ↗Nucleihigh
Kubernetes API Server - YAML Parsing DoS (Billion Laughs)
Kubernetes API Server JSON/YAML parsing vulnerable to resource exhaustion attack
41RISK
open ↗Nucleimedium
Carel pCOWeb <B1.2.4 - Cross-Site Scripting
Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html "System contact" f
38RISK
open ↗Nucleimedium
Pulse Secure Pulse Connect Secure - Cross-Site Scripting (Reflected)
In Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9.0.x before 9.0R3, an XSS issue has been found on t
28RISK
open ↗Nucleicritical
Pulse Connect Secure SSL VPN Arbitrary File Read
In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthent
100RISK
open ↗Nucleicritical
Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution
Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attac
100RISK
open ↗Nucleicritical
Atlassian Jira Server-Side Template Injection
There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators an
100RISK
open ↗Nucleimedium
WordPress Yuzo <5.12.94 - Cross-Site Scripting
The Yuzo Related Posts plugin 5.12.94 for WordPress has XSS because it mistakenly expects that is_admin() verifies that
18RISK
open ↗Nucleihigh
Yellow Pencil Visual Theme Customizer < 7.2.1 - Privilege Escalation
The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress all
18RISK
open ↗Nucleihigh
GrandNode 4.40 - Local File Inclusion
A Path Traversal vulnerability in Controllers/LetsEncryptController.cs in LetsEncryptController in GrandNode 4.40 allows
50RISK
open ↗Nucleicritical
Deltek Maconomy 2.2.5 - Local File Inclusion
Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as
60RISK
open ↗Nucleimedium
WebPort 1.19.1 - Cross-Site Scripting
Web Port 1.19.1 allows XSS via the /log type parameter.
38RISK
open ↗Nucleimedium
Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting
A reflective Cross-site scripting (XSS) vulnerability in the free_time_failed.cgi CGI program in selected Zyxel ZyWall,
18RISK
open ↗Nucleicritical
Zyxel ZyWall UAG/USG - Account Creation Access
Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attack
30RISK
open ↗Nucleihigh
IceWarp Mail Server <=10.4.4 - Local File Inclusion
IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index
50RISK
open ↗Nucleicritical
Zeroshell 3.9.0 - Remote Command Execution
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web ap
60RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.