Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit300
Cisco RV320 and RV325 Unauthenticated Remote Code Execution
Cisco Small Business RV320 and RV325 Routers Command Injection Vulnerability
100RISK
open ↗Metasploit0
Snap Creek Duplicator WordPress plugin code injection
An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files (installer.php and
30RISK
open ↗Metasploit300
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (A
91RISK
open ↗Metasploit600
Wordpress Plainview Activity Monitor RCE
The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell meta
60RISK
open ↗Metasploit600
Apache Struts 2 Namespace Redirect OGNL Injection
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullN
100RISK
open ↗Metasploit600
Ghostscript Failed Restore Command Execution
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handlin
60RISK
open ↗Metasploit300
Pimcore Gather Credentials via SQL Injection
Pimcore before 5.3.0 allows SQL Injection via the REST web service API.
43RISK
open ↗Metasploit600
PHP Laravel Framework token Unserialize Remote Command Execution
In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unseri
100RISK
open ↗Metasploit600
PHP Laravel Framework token Unserialize Remote Command Execution
In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwo
60RISK
open ↗Metasploit300
Windows unmarshal post exploitation
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized
100RISK
open ↗Metasploit600
NUUO NVRmini upgrade_handle.php Remote Command Execution
upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir par
100RISK
open ↗Metasploit300
cgit Directory Traversal
cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned
60RISK
open ↗Metasploit300
Mikrotik Winbox Arbitrary File Read
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated
100RISK
open ↗Metasploit600
Network Manager VPNC Username Privilege Escalation
Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attac
56RISK
open ↗Metasploit300
Eaton Xpert Meter SSH Private Key Exposure Scanner
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different cus
30RISK
open ↗Metasploit300
Dicoogle PACS Web Server Directory Traversal
Dicoogle PACS Web Server 2.5.0 Unauthenticated Path Traversal
36RISK
open ↗Metasploit600
QNAP Q'Center change_passwd Command Execution
Exposure of Private Information in QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticate
50RISK
open ↗Metasploit600
QNAP Q'Center change_passwd Command Execution
Command injection vulnerability in change password of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could
50RISK
open ↗Metasploit600
CMS Made Simple Authenticated RCE via File Upload/Copy
CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows a
50RISK
open ↗Metasploit300
Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow
Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPS
50RISK
open ↗Metasploit300
Wordpress Arbitrary File Deletion
WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/
30RISK
open ↗Metasploit600
PRTG Network Monitor Authenticated RCE
An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administra
100RISK
open ↗Metasploit400
phpMyAdmin Authenticated Remote Code Execution
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute
60RISK
open ↗Metasploit600
MicroFocus Secure Messaging Gateway Remote Code Execution
Remote Code Execution in Micro Focus Secure Messaging Gateway
85RISK
open ↗Metasploit600
MicroFocus Secure Messaging Gateway Remote Code Execution
Unauthenticated SQL injection in Micro Focus Secure Messaging Gateway
85RISK
open ↗Metasploit600
Axis Network Camera .srv-to-parhand RCE
An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.
60RISK
open ↗Metasploit600
Axis Network Camera .srv-to-parhand RCE
An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.
60RISK
open ↗Metasploit600
Axis Network Camera .srv-to-parhand RCE
An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.
60RISK
open ↗Metasploit300
Splunk __raw Server Info Disclosure
Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json
60RISK
open ↗Metasploit300
Cisco ASA Directory Traversal
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remo
100RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.