Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
4,188 exploits
Nucleimedium
Submitty <= 20.04.01 - Open Redirect
Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt.
18RISK
open ↗Nucleihigh
Ultimate Addons for Elementor <= 1.24.1 - Registration Bypass
An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the w
36RISK
open ↗Nucleihigh
Artica Proxy Community Edition <4.30.000000 - Local File Inclusion
Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parame
30RISK
open ↗Nucleicritical
Netsweeper <=6.4.3 - Python Code Injection
Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain
40RISK
open ↗Nucleimedium
Contentful <=2020-05-21 - Cross-Site Scripting
Contentful through 2020-05-21 for Python allows reflected XSS, as demonstrated by the api parameter to the-example-app.p
18RISK
open ↗Nucleihigh
Grafana 3.0.1-7.0.1 - Server-Side Request Forgery
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows
60RISK
open ↗Nucleihigh
Microweber <1.1.20 - Information Disclosure
userfiles/modules/users/controller/controller.php in Microweber before 1.1.20 allows an unauthenticated user to disclose
23RISK
open ↗Nucleimedium
Bitrix24 <=20.0.0 - Cross-Site Scripting
The Web Application Firewall in Bitrix24 through 20.0.0 allows XSS via the items[ITEMS][ID] parameter to the components/
18RISK
open ↗Nucleicritical
rConfig 3.9 - Authentication Bypass(Admin Login)
lib/crud/userprocess.php in rConfig 3.9.x before 3.9.7 has an authentication bypass, leading to administrator account cr
40RISK
open ↗Nucleicritical
wpDiscuz <= 5.3.5 - SQL Injection
A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute
23RISK
open ↗Nucleihigh
WordPress acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference
An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object r
23RISK
open ↗Nucleimedium
Extreme Management Center 8.4.1.24 - Cross-Site Scripting
Extreme Management Center 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request.
18RISK
open ↗Nucleihigh
Artica Pandora FMS 7.44 - Remote Code Execution
Artica Pandora FMS 7.44 allows remote command execution via the events feature.
40RISK
open ↗Nucleihigh
Intelbras TIP 200/200 LITE/300 - Local File Inclusion
Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow cgi-bin/cgiServer.exx?pag
18RISK
open ↗Nucleicritical
Airflow Experimental <1.10.11 - REST API Auth Bypass
The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but th
100RISK
open ↗Nucleimedium
Apache Kylin - Exposed Configuration File
Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.
40RISK
open ↗Nucleicritical
Apache Unomi <1.5.2 - Remote Code Execution
Remote Code Execution in Apache Unomi
50RISK
open ↗Nucleimedium
Apache APISIX - Insufficiently Protected Credentials
In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the
40RISK
open ↗Nucleicritical
WordPress PayPal Pro <1.1.65 - SQL Injection
The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection.
40RISK
open ↗Nucleihigh
Gitea 1.1.0 - 1.12.5 - Remote Code Execution
The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer envir
40RISK
open ↗Nucleimedium
Atlassian Jira Server/Data Center <8.5.8/8.6.0 - 8.11.1 - Information Disclosure
Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field
40RISK
open ↗Nucleimedium
Jira Server and Data Center - Information Disclosure
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Infor
60RISK
open ↗Nucleimedium
Agentejo Cockpit 0.10.2 - Cross-Site Scripting
An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login rou
18RISK
open ↗Nucleimedium
NeDi 1.9C - Cross-Site Scripting
NeDi 1.9C is vulnerable to XSS because of an incorrect implementation of sanitize() in inc/libmisc.php. This function at
18RISK
open ↗Nucleicritical
Oracle WebLogic Server - Remote Command Execution
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions
100RISK
open ↗Nucleihigh
Oracle Fusion - Directory Traversal/Local File Inclusion
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Ins
100RISK
open ↗Nucleicritical
Oracle Weblogic Server - Remote Command Execution
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions
100RISK
open ↗Nucleihigh
Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions
100RISK
open ↗Nucleihigh
Suprema BioStar <2.8.2 - Local File Inclusion
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary fi
50RISK
open ↗Nucleilow
PrestaShop < 1.7.6.6 - Information Exposure via Upload Directory
Information exposure in the upload directory in PrestaShop
28RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.