Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
4,190 exploits
Nucleicritical
Microsoft Exchange Server SSRF Vulnerability
CVE-2021-26855CRITICALunder attackransomware
Microsoft Exchange Server Remote Code Execution Vulnerability
100RISK
open
Nucleimedium
Odoo <= 15.0 - Cross-Site Scripting
Cross-site scripting (XSS) issue Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote att
28RISK
open
Nucleimedium
Doctor Appointment System 1.0 - SQL Injection
SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allows an authenticated
18RISK
open
Nucleicritical
Sercomm VD625 Smart Modems - CRLF Injection
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via
23RISK
open
Nucleimedium
Clansphere CMS 2011.4 - Cross-Site Scripting
Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter.
18RISK
open
Nucleimedium
Clansphere CMS 2011.4 - Cross-Site Scripting
Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "language" parameter.
18RISK
open
Nucleicritical
Doctor Appointment System 1.0 - SQL Injection
SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL q
23RISK
open
Nucleihigh
Doctor Appointment System 1.0 - SQL Injection
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malic
18RISK
open
Nucleihigh
Doctor Appointment System 1.0 - SQL Injection
Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malic
18RISK
open
Nucleihigh
Doctor Appointment System 1.0 - SQL Injection
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malic
18RISK
open
Nucleihigh
Doctor Appointment System 1.0 - SQL Injection
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malic
18RISK
open
Nucleimedium
Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting
Triconsole Datepicker Calendar <3.77 is affected by cross-site scripting (XSS) in calendar_form.php. Attackers can read
18RISK
open
Nucleihigh
Grafana Unauthenticated Snapshot Creation
The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of
40RISK
open
Nucleimedium
FUDForum 3.1.0 - Cross-Site Scripting
A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "
38RISK
open
Nucleimedium
FUDForum 3.1.0 - Cross-Site Scripting
A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "
38RISK
open
Nucleicritical
YeaLink DM 3.6.0.20 - Remote Command Injection
CVE-2021-27561CRITICALunder attack
Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI,
95RISK
open
Nucleicritical
Pega Infinity - Authentication Bypass
In versions 8.2.1 through 8.5.2 of Pega Infinity, the password reset functionality for local accounts can be used to byp
75RISK
open
Nucleicritical
Appspace 6.2.4 - Server-Side Request Forgery
Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter.
30RISK
open
Nucleicritical
Apache Tapestry - Remote Code Execution
Bypass of the fix for CVE-2019-0195
60RISK
open
Nucleicritical
FatPipe WARP/IPVPN/MPVPN - Backdoor Account
FatPipe software administrative account with no password
43RISK
open
Nucleimedium
FatPipe WARP/IPVPN/MPVPN - Authorization Bypass
Missing authorization vulnerability in FatPipe software
28RISK
open
Nucleicritical
Apache Solr <=8.8.1 - Server-Side Request Forgery
SSRF vulnerability with the Replication handler
40RISK
open
Nucleimedium
Mautic <3.3.4 - Cross-Site Scripting
XSS vulnerability on password reset page
28RISK
open
Nucleicritical
LumisXP <10.0.0 - Blind XML External Entity Attack
LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API request to PageControl
23RISK
open
Nucleicritical
SonLogger - Arbitrary File Upload
SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Con
50RISK
open
Nucleimedium
Hongdian H8922 3.0.5 Devices - Local File Inclusion
Hongdian H8922 3.0.5 devices allow Directory Traversal. The /log_download.cgi log export handler does not validate user
23RISK
open
Nucleimedium
Hongdian H8922 3.0.5 - Information Disclosure
Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and oth
18RISK
open
Nucleihigh
Hongdian H8922 3.0.5 - Remote Command Injection
Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) f
23RISK
open
Nucleimedium
Eclipse Jetty - Information Disclosure
In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contai
70RISK
open
Nucleimedium
Eclipse Jetty ConcatServlet - Information Disclosure
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doub
50RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.