Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit400
Supermicro Onboard IPMI close_window.cgi Buffer Overflow
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Managemen
60RISK
open ↗Metasploit200
MS13-096 Microsoft Tagged Image File Format (TIFF) Integer Overflow
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compati
100RISK
open ↗Metasploit600
Gitlab-shell Code Execution
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x
50RISK
open ↗Metasploit300
Watermark Master Buffer Overflow (SEH)
Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a
50RISK
open ↗Metasploit600
Apache Roller OGNL Injection
Certain getText methods in the ActionSupport controller in Apache Roller before 5.0.2 allow remote attackers to execute
60RISK
open ↗Metasploit600
Synology DiskStation Manager SLICEUPLOAD Remote Command Execution
webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before
60RISK
open ↗Metasploit600
Zabbix Authenticated Remote Command Execution
Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability
50RISK
open ↗Metasploit600
OpenMediaVault rpc.php Authenticated Cron Remote Code Execution
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users
68RISK
open ↗Metasploit500
Rocket Servergraph Admin Center fileRequestor Remote Code Execution
Directory traversal vulnerability in the Admin Center for Tivoli Storage Manager (TSM) in Rocket ServerGraph 1.2 allows
60RISK
open ↗Metasploit300
Openbravo ERP XXE Arbitrary File Read
The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML
43RISK
open ↗Metasploit600
HP LoadRunner EmulationAdmin Web Service Directory Traversal
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arb
50RISK
open ↗Metasploit600
ISPConfig Authenticated Arbitrary PHP Code Execution
ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution
50RISK
open ↗Metasploit600
vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution
vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability
50RISK
open ↗Metasploit500
HP SiteScope issueSiebelCmd Remote Code Execution
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authenti
60RISK
open ↗Metasploit600
Moodle Authenticated Spelling Binary RCE
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell
50RISK
open ↗Metasploit500
NAS4Free Arbitrary Remote Code Execution
NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to execute arbitrary PHP code via a request to exec.p
43RISK
open ↗Metasploit600
Moodle Authenticated Spelling Binary RCE
Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, an
43RISK
open ↗Metasploit300
VideoCharge Studio Buffer Overflow (SEH)
VideoCharge Studio 2.12.3.685 SEH Buffer Overflow via .VSC File
36RISK
open ↗Metasploit600
ProcessMaker Open Source Authenticated PHP Code Execution
ProcessMaker Open Source < 2.5.2 neoclassic Skin PHP Code Execution
36RISK
open ↗Metasploit600
VICIdial Manager Send OS Command Injection
VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execut
50RISK
open ↗Metasploit600
VICIdial Manager Send OS Command Injection
Multiple SQL injection vulnerabilities in the agent interface (agc/) in VICIDIAL dialer (aka Asterisk GUI client) 2.8-40
50RISK
open ↗Metasploit300
Node.js HTTP Pipelining Denial of Service
The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of se
30RISK
open ↗Metasploit600
WebTester 5.x Command Execution
WebTester 5.x install2.php Unauthenticated Command Execution
63RISK
open ↗Metasploit300
Beetel Connection Manager NetConfig.ini Buffer Overflow
Beetel Connection Manager NetConfig.ini Stack-Based Buffer Overflow
36RISK
open ↗Metasploit300
Android Settings Remove Device Locks (4.0-4.3)
Android 4.0 through 4.3 allows attackers to bypass intended access restrictions and remove device locks via a crafted ap
18RISK
open ↗Metasploit300
vBulletin Administrator Account Creation
The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the
50RISK
open ↗Metasploit300
ALLPlayer M3U Buffer Overflow
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possib
50RISK
open ↗Metasploit600
HP Intelligent Management Center BIMS UploadServlet Directory Traversal
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Soft
50RISK
open ↗Metasploit200
Windows TrackPopupMenuEx Win32k NULL Page
win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to ga
43RISK
open ↗Metasploit300
MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allo
100RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.