Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.294exploits catalogados
31.742CVEs con explotación pública
0probados en laboratorio
3462 exploits
Metasploit600
WordPress Plugin Advanced Custom Fields Remote File Inclusion
CVE-2012-10025CRITICAL14 nov 2012
WordPress Plugin Advanced Custom Fields <= 3.5.1 Remote File Inclusion
63RIESGO
abrir
Metasploit300
VMWare OVF Tools Format String Vulnerability
CVE-2012-356908 nov 2012
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Pl
50RIESGO
abrir
Metasploit300
VMWare OVF Tools Format String Vulnerability
CVE-2012-356908 nov 2012
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Pl
50RIESGO
abrir
Metasploit300
Apple QuickTime 7.7.2 MIME Type Buffer Overflow
CVE-2012-375307 nov 2012
Buffer overflow in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause
50RIESGO
abrir
Metasploit300
Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
CVE-2012-375207 nov 2012
Multiple buffer overflows in Apple QuickTime before 7.7.3 allow remote attackers to execute arbitrary code or cause a de
50RIESGO
abrir
Metasploit300
XBMC Web Server Directory Traversal
CVE-2012-10024HIGH04 nov 2012
XBMC ≤ 11.0 Web Server Path Traversal
36RIESGO
abrir
Metasploit300
Axigen Arbitrary File Read and Delete
CVE-2012-494031 oct 2012
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote att
60RIESGO
abrir
Metasploit600
Invision IP.Board unserialize() PHP Code Execution
CVE-2012-569225 oct 2012
Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board (aka IPB or IP.Board) 3.1.x through 3.3
43RIESGO
abrir
Metasploit300
Bitweaver overlay_type Directory Traversal
CVE-2012-519223 oct 2012
Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and earlier allows remote attackers to rea
50RIESGO
abrir
Metasploit300
ClanSphere 2011.3 Local File Inclusion Vulnerability
CVE-2012-10034HIGH23 oct 2012
ClanSphere 2011.3 Local File Inclusion via cs_lang Cookie
36RIESGO
abrir
Metasploit600
Mutiny Remote Command Execution
CVE-2012-300122 oct 2012
Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the network-interface menu, re
43RIESGO
abrir
Metasploit300
Drupal OpenID External Entity Injection
CVE-2012-455417 oct 2012
The OpenID module in Drupal 7.x before 7.16 allows remote OpenID servers to read arbitrary files via a crafted DOCTYPE d
23RIESGO
abrir
Metasploit600
Java Applet AverageRangeStatisticImpl Remote Code Execution
CVE-2012-5076CRITICALbajo ataque16 oct 2012
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allow
100RIESGO
abrir
Metasploit600
Java Applet JAX-WS Remote Code Execution
CVE-2012-5076CRITICALbajo ataque16 oct 2012
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allow
100RIESGO
abrir
Metasploit600
Java Applet Method Handle Remote Code Execution
CVE-2012-508816 oct 2012
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allow
60RIESGO
abrir
Metasploit600
Sun Java Web Start Double Quote Injection
CVE-2012-153316 oct 2012
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and
50RIESGO
abrir
Metasploit600
Ektron 8.02 XSLT Transform Remote Code Execution
CVE-2012-535716 oct 2012
Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true
50RIESGO
abrir
Metasploit500
Windows Escalate Service Permissions Local Privilege Escalation
CVE-2025-21293HIGH15 oct 2012
Active Directory Domain Services Elevation of Privilege Vulnerability
41RIESGO
abrir
Metasploit300
MS11-081 Microsoft Internet Explorer Option Element Use-After-Free
CVE-2011-199611 oct 2012
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to exe
50RIESGO
abrir
Metasploit0
D-Link DIR-605L Captcha Handling Buffer Overflow
CVE-2012-10021CRITICAL08 oct 2012
D-Link DIR-605L Captcha Handling Buffer Overflow
63RIESGO
abrir
Metasploit600
Project Pier Arbitrary File Upload Vulnerability
CVE-2012-10036CRITICAL08 oct 2012
Project Pier <= 0.8.8 Arbitrary File Upload RCE
63RIESGO
abrir
Metasploit600
PhpTax pfilez Parameter Exec Remote Code Injection
CVE-2012-10037CRITICAL08 oct 2012
PhpTax pfilez Parameter Exec Remote Code Injection
63RIESGO
abrir
Metasploit500
Turbo FTP Server 1.30.823 PORT Overflow
CVE-2012-10035CRITICAL03 oct 2012
Turbo FTP Server 1.30.823/826 PORT Command Buffer Overflow
43RIESGO
abrir
Metasploit300
phpMyAdmin 3.5.2.2 server_sync.php Backdoor
CVE-2012-515925 sep 2012
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an e
60RIESGO
abrir
Metasploit600
Kloxo Local Privilege Escalation
CVE-2012-10022HIGH18 sep 2012
Kloxo <= 6.1.12 Local Privilege Escalation
36RIESGO
abrir
Metasploit600
ZEN Load Balancer Filelog Command Execution
CVE-2012-10039CRITICAL14 sep 2012
ZEN Load Balancer Filelog Command Execution
63RIESGO
abrir
Metasploit600
Auxilium RateMyPet Arbitrary File Upload Vulnerability
CVE-2012-10038CRITICAL14 sep 2012
Auxilium RateMyPet Arbitrary File Upload RCE
63RIESGO
abrir
Metasploit400
MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability
CVE-2012-4969HIGHbajo ataque14 sep 2012
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 al
100RIESGO
abrir
Metasploit600
Webmin /file/show.cgi Remote Command Execution
CVE-2012-298206 sep 2012
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid
50RIESGO
abrir
Metasploit300
Webmin edit_html.cgi file Parameter Traversal Arbitrary File Access
CVE-2012-298306 sep 2012
file/edit_html.cgi in Webmin 1.590 and earlier does not perform an authorization check before showing a file's unedited
23RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.