Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.294exploits catalogados
31.742CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.469Referência 19.888GitHub PoC 13.184VulnCheck XDB 8100Nuclei 4191Metasploit 3462✓ solo verificadosrecientespopularesriesgo
3462 exploits
Metasploit600
WordPress Plugin Advanced Custom Fields Remote File Inclusion
WordPress Plugin Advanced Custom Fields <= 3.5.1 Remote File Inclusion
63RIESGO
abrir ↗Metasploit300
VMWare OVF Tools Format String Vulnerability
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Pl
50RIESGO
abrir ↗Metasploit300
VMWare OVF Tools Format String Vulnerability
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Pl
50RIESGO
abrir ↗Metasploit300
Apple QuickTime 7.7.2 MIME Type Buffer Overflow
Buffer overflow in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause
50RIESGO
abrir ↗Metasploit300
Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
Multiple buffer overflows in Apple QuickTime before 7.7.3 allow remote attackers to execute arbitrary code or cause a de
50RIESGO
abrir ↗Metasploit300
XBMC Web Server Directory Traversal
XBMC ≤ 11.0 Web Server Path Traversal
36RIESGO
abrir ↗Metasploit300
Axigen Arbitrary File Read and Delete
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote att
60RIESGO
abrir ↗Metasploit600
Invision IP.Board unserialize() PHP Code Execution
Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board (aka IPB or IP.Board) 3.1.x through 3.3
43RIESGO
abrir ↗Metasploit300
Bitweaver overlay_type Directory Traversal
Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and earlier allows remote attackers to rea
50RIESGO
abrir ↗Metasploit300
ClanSphere 2011.3 Local File Inclusion Vulnerability
ClanSphere 2011.3 Local File Inclusion via cs_lang Cookie
36RIESGO
abrir ↗Metasploit600
Mutiny Remote Command Execution
Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the network-interface menu, re
43RIESGO
abrir ↗Metasploit300
Drupal OpenID External Entity Injection
The OpenID module in Drupal 7.x before 7.16 allows remote OpenID servers to read arbitrary files via a crafted DOCTYPE d
23RIESGO
abrir ↗Metasploit600
Java Applet AverageRangeStatisticImpl Remote Code Execution
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allow
100RIESGO
abrir ↗Metasploit600
Java Applet JAX-WS Remote Code Execution
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allow
100RIESGO
abrir ↗Metasploit600
Java Applet Method Handle Remote Code Execution
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allow
60RIESGO
abrir ↗Metasploit600
Sun Java Web Start Double Quote Injection
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and
50RIESGO
abrir ↗Metasploit600
Ektron 8.02 XSLT Transform Remote Code Execution
Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true
50RIESGO
abrir ↗Metasploit500
Windows Escalate Service Permissions Local Privilege Escalation
Active Directory Domain Services Elevation of Privilege Vulnerability
41RIESGO
abrir ↗Metasploit300
MS11-081 Microsoft Internet Explorer Option Element Use-After-Free
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to exe
50RIESGO
abrir ↗Metasploit0
D-Link DIR-605L Captcha Handling Buffer Overflow
D-Link DIR-605L Captcha Handling Buffer Overflow
63RIESGO
abrir ↗Metasploit600
Project Pier Arbitrary File Upload Vulnerability
Project Pier <= 0.8.8 Arbitrary File Upload RCE
63RIESGO
abrir ↗Metasploit600
PhpTax pfilez Parameter Exec Remote Code Injection
PhpTax pfilez Parameter Exec Remote Code Injection
63RIESGO
abrir ↗Metasploit500
Turbo FTP Server 1.30.823 PORT Overflow
Turbo FTP Server 1.30.823/826 PORT Command Buffer Overflow
43RIESGO
abrir ↗Metasploit300
phpMyAdmin 3.5.2.2 server_sync.php Backdoor
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an e
60RIESGO
abrir ↗Metasploit600
Kloxo Local Privilege Escalation
Kloxo <= 6.1.12 Local Privilege Escalation
36RIESGO
abrir ↗Metasploit600
ZEN Load Balancer Filelog Command Execution
ZEN Load Balancer Filelog Command Execution
63RIESGO
abrir ↗Metasploit600
Auxilium RateMyPet Arbitrary File Upload Vulnerability
Auxilium RateMyPet Arbitrary File Upload RCE
63RIESGO
abrir ↗Metasploit400
MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 al
100RIESGO
abrir ↗Metasploit600
Webmin /file/show.cgi Remote Command Execution
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid
50RIESGO
abrir ↗Metasploit300
Webmin edit_html.cgi file Parameter Traversal Arbitrary File Access
file/edit_html.cgi in Webmin 1.590 and earlier does not perform an authorization check before showing a file's unedited
23RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.