Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit300
MS14-052 Microsoft Internet Explorer XMLDOM Filename Disclosure
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the exist
70RISK
open ↗Metasploit600
ManageEngine Eventlog Analyzer Arbitrary File Upload
Directory traversal vulnerability in the agentUpload servlet in ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8
60RISK
open ↗Metasploit600
ManageEngine Desktop Central StatusUpdate Arbitrary File Upload
Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers
60RISK
open ↗Metasploit600
ActualAnalyzer 'ant' Cookie Command Execution
Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted input is used for pa
68RISK
open ↗Metasploit300
ManageEngine DeviceExpert User Credentials
ReadUsersFromMasterServlet in ManageEngine DeviceExpert before 5.9 build 5981 allows remote attackers to obtain user acc
50RISK
open ↗Metasploit600
Wordpress SlideShow Gallery Authenticated File Upload
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for WordPress allows remot
60RISK
open ↗Metasploit600
Railo Remote File Include
A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a specially-crafted URL request to the thumbnail.cf
50RISK
open ↗Metasploit300
NTP Mode 6 UNSETTRAP DRDoS Scanner
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service
60RISK
open ↗Metasploit300
Netcore Router Udp 53413 Backdoor
Netcore / Netis Routers RCE via UDP Port 53413 Backdoor
68RISK
open ↗Metasploit300
NTP Mode 7 PEER_LIST DoS Scanner
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service
60RISK
open ↗Metasploit300
NTP Mode 6 REQ_NONCE DRDoS Scanner
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service
60RISK
open ↗Metasploit300
NTP Mode 7 GET_RESTRICT DRDoS Scanner
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service
60RISK
open ↗Metasploit300
NTP Mode 7 PEER_LIST_SUM DoS Scanner
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service
60RISK
open ↗Metasploit600
SolarWinds Storage Manager Authentication Bypass
The AuthenticationFilter class in SolarWinds Storage Manager allows remote attackers to upload and execute arbitrary scr
40RISK
open ↗Metasploit300
Yokogawa BKBCopyD.exe Client
BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00
23RISK
open ↗Metasploit300
Wordpress XMLRPC DoS
The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, doe
23RISK
open ↗Metasploit0
HybridAuth install.php PHP Code Execution
HybridAuth 2.0.9 - 2.2.2 Unauthenticated RCE via install.php Configuration Injection
63RISK
open ↗Metasploit600
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute
60RISK
open ↗Metasploit200
MQAC.sys Arbitrary Write Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write
43RISK
open ↗Metasploit200
MS14-062 Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write
43RISK
open ↗Metasploit300
Advantech WebAccess dvs.ocx GetColor Buffer Overflow
Advantech WebAccess Stack-Based Buffer Overflow
68RISK
open ↗Metasploit200
VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.2
38RISK
open ↗Metasploit300
Flash "Rosetta" JSONP GET/POST Response Disclosure
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Ad
23RISK
open ↗Metasploit600
Wordpress MailPoet Newsletters (wysija-newsletters) Unauthenticated File Upload
The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote attackers to bypass authen
50RISK
open ↗Metasploit600
Gitlist Unauthenticated Remote Command Execution
Gitlist before 0.5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name in
60RISK
open ↗Metasploit600
VMTurbo Operations Manager vmtadmin.cgi Remote Command Execution
vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands
60RISK
open ↗Metasploit600
Wing FTP Server Authenticated Command Execution
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection o
100RISK
open ↗Metasploit600
ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection
SQL injection vulnerability in the LinkViewFetchServlet servlet in ManageEngine Desktop Central (DC) and Desktop Central
50RISK
open ↗Metasploit300
OpenSSL DTLS Fragment Buffer Overflow DoS
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0
40RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.