Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
4,190 exploits
Nucleihigh
Express-handlebars - Local File Inclusion
File disclosure in Express Handlebars
23RISK
open ↗Nucleicritical
Erxes <0.23.0 - Cross-Site Scripting
Erxes vulnerable to Cross-site Scripting
28RISK
open ↗Nucleicritical
Zoho ManageEngine OpManager < 12.5.329 - Remote Code Execution
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the
30RISK
open ↗Nucleimedium
emlog 5.3.1 Path Disclosure
emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webr
23RISK
open ↗Nucleihigh
Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass
On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access.
23RISK
open ↗Nucleicritical
Dahua IPC/VTH/VTO - Authentication Bypass
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can by
100RISK
open ↗Nucleicritical
Dahua IPC/VTH/VTO - Authentication Bypass
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can by
100RISK
open ↗Nucleicritical
CommScope Ruckus IoT Controller - Information Disclosure
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints.
30RISK
open ↗Nucleicritical
RaspAP <=2.6.5 - Remote Command Injection
A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the
23RISK
open ↗Nucleihigh
Geutebruck - Remote Command Injection
UDP Technology/Geutebrück camera devices: command injection leading to RCE
58RISK
open ↗Nucleihigh
Boa 0.94.13 - Information Disclosure
Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, previe
43RISK
open ↗Nucleicritical
Ruby Dragonfly <1.4.0 - Remote Code Execution
An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write
60RISK
open ↗Nucleicritical
SAP NetWeaver Development Infrastructure - Server Side Request Forgery
Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Compo
75RISK
open ↗Nucleimedium
Rstudio Shiny Server <1.5.16 - Local File Inclusion
Directory traversal in RStudio Shiny Server before 1.5.16 allows attackers to read the application source code, involvin
23RISK
open ↗Nucleihigh
Microsoft Exchange - Authentication Bypass
Microsoft Exchange Server Information Disclosure Vulnerability
100RISK
open ↗Nucleimedium
npm ansi_up v4 - Cross-Site Scripting
The npm package ansi_up converts ANSI escape codes into HTML. In ansi_up v4, ANSI escape codes can be used to create HTM
18RISK
open ↗Nucleicritical
FortiLogger 4.4.2.2 - Arbitrary File Upload
FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a "Content-Type: image/png" header to Config/SaveUpl
60RISK
open ↗Nucleihigh
Cartadis Gespage 8.2.1 - Directory Traversal
Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.
23RISK
open ↗Nucleimedium
Drupal 7 CKEditor XSS
A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1
18RISK
open ↗Nucleimedium
WordPress Customize Login Image <3.5.3 - Cross-Site Scripting
A cross-site scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user's browser and can use an appl
18RISK
open ↗Nucleimedium
Accela Civic Platform <=21.1 - Cross-Site Scripting
In Accela Civic Platform through 21.1, the security/hostSignon.do parameter servProvCode is vulnerable to XSS. NOTE: The
43RISK
open ↗Nucleicritical
Chamilo model.ajax.php - SQL Injection
main/inc/ajax/model.ajax.php in Chamilo through 1.11.14 allows SQL Injection via the searchField, filters, or filters2 p
23RISK
open ↗Nucleimedium
Accela Civic Platform <=21.1 - Cross-Site Scripting
Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do successURL XSS. NOTE: the vendor states "there are
38RISK
open ↗Nucleicritical
Eclipse BIRT Viewer - Remote Code Execution
In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessibl
50RISK
open ↗Nucleimedium
Eclipse Jetty - Information Disclosure
For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characte
70RISK
open ↗Nucleicritical
Exchange Server - Remote Code Execution
Microsoft Exchange Server Remote Code Execution Vulnerability
100RISK
open ↗Nucleicritical
WordPress ProfilePress 3.0.0-3.1.3 - Admin User Creation Weakness
ProfilePress 3.0 - 3.1.3 - Unauthenticated Privilege Escalation
75RISK
open ↗Nucleicritical
WordPress ProfilePress <= 3.1.3 - Privilege Escalation
ProfilePress 3.0 - 3.1.3 - Authenticated Privilege Escalation
43RISK
open ↗Nucleicritical
WordPress ProfilePress 3.0-3.1.3 - Arbitrary File Upload
ProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in File Uploader Component
43RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.