Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
4,188 exploits
Nucleihigh
XStream <1.4.14 - Remote Code Execution
Remote Code Execution in XStream
58RISK
open
Nucleihigh
PrestaShop Product Comments <4.2.0 - SQL Injection
Blind SQL injection during the CommentGrade process
33RISK
open
Nucleihigh
XStream <1.4.15 - Server-Side Request Forgery
Server-Side Forgery Request can be activated unmarshalling with XStream
50RISK
open
Nucleimedium
Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclo
40RISK
open
Nucleimedium
SAP Solution Manager - Open Redirect
SAP Solution Manager (Trace Analysis), version - 720, allows for misuse of a parameter in the application URL leading to
23RISK
open
Nucleihigh
WordPress WP Courses Plugin Information Disclosure
The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step (for cour
18RISK
open
Nucleicritical
Ruckus vRioT IoT Controller - Authentication Bypass
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacke
50RISK
open
Nucleicritical
NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution
CVE-2020-26919CRITICALunder attack
NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level.
85RISK
open
Nucleicritical
phpMyAdmin < 5.0.3 - SQL Injection
An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerabili
30RISK
open
Nucleicritical
Emby < 4.5.0 - Server Server-Side Request Forgery
Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image ImageURL parameter.
40RISK
open
Nucleihigh
LionWiki <3.2.12 - Local File Inclusion
LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the ind
18RISK
open
Nucleicritical
JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics)
68RISK
open
Nucleihigh
Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure
An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within
18RISK
open
Nucleihigh
Processwire CMS <2.7.1 - Local File Inclusion
A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php.
23RISK
open
Nucleicritical
Good Layers LMS Plugin <= 2.1.4 - SQL Injection
An unauthenticated SQL Injection vulnerability in Good Layers LMS Plugin <= 2.1.4 exists due to the usage of "wp_ajax_no
23RISK
open
Nucleicritical
WordPress Loginizer < 1.6.4 – Unauthenticated SQL Injection via `log` Parameter
The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_fa
30RISK
open
Nucleimedium
Wing FTP 6.4.4 - Cross-Site Scripting
An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a craft
18RISK
open
Nucleimedium
KeyCloak - Information Exposure
A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information a
23RISK
open
Nucleihigh
NETGEAR - Authentication Bypass
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020
36RISK
open
Nucleimedium
IceWarp WebMail 11.4.5.0 - Cross-Site Scripting
IceWarp 11.4.5.0 allows XSS via the language parameter.
18RISK
open
Nucleihigh
SonarQube - Authentication Bypass
SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settin
41RISK
open
Nucleimedium
TerraMaster TOS < 4.2.06 - User Enumeration
User Enumeration vulnerability in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to identify valid us
23RISK
open
Nucleicritical
TerraMaster TOS - Unauthenticated Remote Command Execution
Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inje
40RISK
open
Nucleimedium
Rocket.Chat <3.9.1 - Information Disclosure
An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.
23RISK
open
Nucleimedium
Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting
The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a r
43RISK
open
Nucleicritical
geojson2kml - Command Injection
Command Injection
48RISK
open
Nucleicritical
ManageEngine OpManager SumPDU 12.1 - 12.5.232 - Java Deserialization
Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution v
60RISK
open
Nucleicritical
Monitorr 1.7.6m - Unauthenticated Remote Code Execution
Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the s
40RISK
open
Nucleimedium
WordPress Canto 1.3.0 - Blind Server-Side Request Forgery
The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make
43RISK
open
Nucleicritical
WP Hotel Booking < 1.10.4 - PHP Object Injection
The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an
23RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.