Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,159cataloged exploits
31,683CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,128VulnCheck XDB 8,069Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
4,190 exploits
Nucleicritical
EyesOfNetwork - Hardcoded API Key & SQL Injection
An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthe
60RISK
open ↗Nucleicritical
EyesOfNetwork - Hardcoded API Key
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include
100RISK
open ↗Nucleicritical
WordPress Time Capsule < 1.21.16 - Authentication Bypass
The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFI
30RISK
open ↗Nucleicritical
WordPress InfiniteWP <1.9.4.5 - Authorization Bypass
The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in in
40RISK
open ↗Nucleihigh
Cacti v1.2.8 - Remote Code Execution
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a
60RISK
open ↗Nucleihigh
Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read
An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones)
23RISK
open ↗Nucleicritical
Couchbase Server - Broken Access Control
Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Per
18RISK
open ↗Nucleihigh
WordPress wpCentral <1.5.1 - Information Disclosure
The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key.
18RISK
open ↗Nucleihigh
exacqVision Web Service - Remote Code Execution
exacqVision Software - Improper Verification of Cryptographic Signature
28RISK
open ↗Nucleicritical
Zyxel NAS Firmware 5.21- Remote Code Execution
ZyXEL NAS products running firmware version 5.21 and earlier are vulnerable to pre-authentication command injection in weblogin.cgi
100RISK
open ↗Nucleimedium
Oracle iPlanet Web Server 7.0.x - Image Injection
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration c
18RISK
open ↗Nucleihigh
Oracle iPlanet Web Server 7.0.x - Authentication Bypass
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/vers
40RISK
open ↗Nucleimedium
Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting
Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations.
18RISK
open ↗Nucleihigh
D-Link DIR-610 Devices - Information Disclosure
D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php. NOTE
23RISK
open ↗Nucleihigh
rConfig <3.9.4 - Sensitive Information Disclosure
An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated attacker can retrieve saved
23RISK
open ↗Nucleicritical
Apache Spark - Authentication Bypass
In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (s
23RISK
open ↗Nucleihigh
SkyWalking SQLI
**Resolved** When use H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL protocol, there is
30RISK
open ↗Nucleihigh
Apache Tomcat Remote Command Execution
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a)
30RISK
open ↗Nucleimedium
Apache OFBiz 17.12.03 - Cross-Site Scripting
XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
60RISK
open ↗Nucleicritical
FasterXML jackson-databind - Deserialization Remote Code Execution
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, rela
23RISK
open ↗Nucleicritical
FasterXML Jackson Databind <=2.9.10.4 - Remote Code Execution
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, rela
23RISK
open ↗Nucleicritical
Craft CMS < 3.3.0 - Server-Side Template Injection
The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed
40RISK
open ↗Nucleicritical
Cisco Small Business RV Series - OS Command Injection
Cisco Small Business RV Series Routers Vulnerabilities
50RISK
open ↗Nucleicritical
Cisco HyperFlex HX Data Platform - Remote Command Execution
Cisco HyperFlex HX Command Injection Vulnerabilities
100RISK
open ↗Nucleicritical
Cisco HyperFlex HX Data Platform - Remote Command Execution
Cisco HyperFlex HX Command Injection Vulnerabilities
100RISK
open ↗Nucleimedium
Cisco HyperFlex HX Data Platform - Arbitrary File Upload
Cisco HyperFlex HX Data Platform File Upload Vulnerability
50RISK
open ↗Nucleicritical
SonicWall Email Security <= 10.0.9.x - Unauthenticated Admin Account Creation
A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account
100RISK
open ↗Nucleimedium
SonicWall SonicOS 7.0 - Open Redirect
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management
43RISK
open ↗Nucleicritical
SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows
100RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.