Exploit is an attempt to use an unsafely written code (vulnerability) for malicious purposes.

In a Joomla site context, exploits can occasionally be found in Joomla itself. They can also be introduced in a Joomla site via a 3rd party Joomla extension. 

To report a security issue to JSST, please go to the "Report Security Issues" page.

To report a security issue found in a 3rd party Joomla extension, go to the "Vulnerability List (VEL) Reporting Form".

Joomla Project has the Joomla Security Strike Team to deal with Joomla CMS security issues.

This video has advice on how to avoid exploits and keep your Joomla site safe: