Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,159cataloged exploits
31,683CVEs with public exploitation
0lab-tested
4,190 exploits
Nucleicritical
EyesOfNetwork - Hardcoded API Key & SQL Injection
An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthe
60RISK
open
Nucleicritical
EyesOfNetwork - Hardcoded API Key
CVE-2020-8657CRITICALunder attack
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include
100RISK
open
Nucleicritical
WordPress Time Capsule < 1.21.16 - Authentication Bypass
The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFI
30RISK
open
Nucleicritical
WordPress InfiniteWP <1.9.4.5 - Authorization Bypass
The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in in
40RISK
open
Nucleihigh
Cacti v1.2.8 - Remote Code Execution
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a
60RISK
open
Nucleihigh
Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read
An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones)
23RISK
open
Nucleimedium
Jeedom <=4.0.38 - Cross-Site Scripting
Jeedom through 4.0.38 allows XSS.
18RISK
open
Nucleicritical
Couchbase Server - Broken Access Control
Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Per
18RISK
open
Nucleihigh
WordPress wpCentral <1.5.1 - Information Disclosure
The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key.
18RISK
open
Nucleihigh
exacqVision Web Service - Remote Code Execution
exacqVision Software - Improper Verification of Cryptographic Signature
28RISK
open
Nucleicritical
Zyxel NAS Firmware 5.21- Remote Code Execution
CVE-2020-9054CRITICALunder attack
ZyXEL NAS products running firmware version 5.21 and earlier are vulnerable to pre-authentication command injection in weblogin.cgi
100RISK
open
Nucleimedium
Oracle iPlanet Web Server 7.0.x - Image Injection
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration c
18RISK
open
Nucleihigh
Oracle iPlanet Web Server 7.0.x - Authentication Bypass
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/vers
40RISK
open
Nucleimedium
Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting
Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations.
18RISK
open
Nucleihigh
D-Link DIR-610 Devices - Information Disclosure
D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php. NOTE
23RISK
open
Nucleihigh
rConfig <3.9.4 - Sensitive Information Disclosure
An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated attacker can retrieve saved
23RISK
open
Nucleicritical
Apache Spark - Authentication Bypass
In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (s
23RISK
open
Nucleihigh
SkyWalking SQLI
**Resolved** When use H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL protocol, there is
30RISK
open
Nucleihigh
Apache Tomcat Remote Command Execution
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a)
30RISK
open
Nucleimedium
Apache OFBiz 17.12.03 - Cross-Site Scripting
XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
60RISK
open
Nucleicritical
FasterXML jackson-databind - Deserialization Remote Code Execution
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, rela
23RISK
open
Nucleicritical
FasterXML Jackson Databind <=2.9.10.4 - Remote Code Execution
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, rela
23RISK
open
Nucleicritical
Craft CMS < 3.3.0 - Server-Side Template Injection
The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed
40RISK
open
Nucleicritical
Cisco Small Business RV Series - OS Command Injection
Cisco Small Business RV Series Routers Vulnerabilities
50RISK
open
Nucleicritical
Cisco HyperFlex HX Data Platform - Remote Command Execution
CVE-2021-1497CRITICALunder attack
Cisco HyperFlex HX Command Injection Vulnerabilities
100RISK
open
Nucleicritical
Cisco HyperFlex HX Data Platform - Remote Command Execution
CVE-2021-1498CRITICALunder attack
Cisco HyperFlex HX Command Injection Vulnerabilities
100RISK
open
Nucleimedium
Cisco HyperFlex HX Data Platform - Arbitrary File Upload
Cisco HyperFlex HX Data Platform File Upload Vulnerability
50RISK
open
Nucleicritical
SonicWall Email Security <= 10.0.9.x - Unauthenticated Admin Account Creation
CVE-2021-20021CRITICALunder attackransomware
A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account
100RISK
open
Nucleimedium
SonicWall SonicOS 7.0 - Open Redirect
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management
43RISK
open
Nucleicritical
SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution
CVE-2021-20038CRITICALunder attackransomware
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows
100RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.