Python Exploits
6,614 exploits tracked across all sources.
FusionPBX <4.5.30 - Info Disclosure
An issue was discovered in FusionPBX before 4.5.30. The fax_extension may have risky characters (it is not constrained to be numeric).
by Luska
CVSS 8.8
Opencart TMD Vendor System 3.x Blind SQL Injection via product route
Opencart TMD Vendor System 3.x contains a blind SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the product_id parameter. Attackers can craft malicious SQL queries using time-based or content-based blind injection techniques to enumerate usernames, emails, and password reset codes from the oc_user table.
by Muhammad Zaki Sulistya
CVSS 8.2
FUEL CMS < 1.4.2 - Unauthenticated Remote Code Execution via Pages Filter or Preview Data Parameter
FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution.
by Padsala Trushal
CVSS 9.8
YouTube Downloader 1.9.9.1 - Buffer Overflow
YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a bind shell connection on a specified local port.
by stresser
CVSS 8.4
Kingdia CD Extractor 3.0.2 - Remote Code Execution via Registration Name Field Overflow
Kingdia CD Extractor 3.0.2 contains a buffer overflow vulnerability in the registration name field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload exceeding 256 bytes to overwrite Structured Exception Handler and gain remote code execution through a bind shell.
by stresser
CVSS 9.8
10-Strike Network Inventory Explorer Pro 9.31 - Remote Code Execution via Text File Import
10-Strike Network Inventory Explorer Pro 9.31 contains a buffer overflow vulnerability in the text file import functionality that allows remote code execution. Attackers can craft a malicious text file with carefully constructed payload to trigger a reverse shell and execute arbitrary code on the target system.
by ro0k
CVSS 9.8
phpMyAdmin 4.8.x <4.8.2 - Code Injection
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).
by samguy
CVSS 8.8
Hikvision IP Camera Unauthenticated Command Injection
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
by bashis
CVSS 9.8
Clinic Management System 1.0 - SQL injection to Remote Code Execution
by Pablo Santiago
NIMax 5.3.1 - 'Remote VISA System' Denial of Service (PoC)
by LinxzSec
Online Motorcycle (Bike) Rental System 1.0 - Blind Time-Based SQL Injection via Login Portal
Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection attack within the login portal. This can lead attackers to remotely dump MySQL database credentials.
by Chase Comardelle
CVSS 9.8
Duplicator < 1.3.28 and < 3.8.7.1 - Directory Traversal via File Parameter
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.
by nam3lum
CVSS 7.5
Cypress Solutions CTM-200/CTM-ONE <1.3.6 - Code Injection
Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices.
by LiquidWorm
CVSS 7.5
Keycloak < 13.0.0 - Server-Side Request Forgery via OIDC request_uri Parameter
A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack.
by Mayank Deshmukh
CVSS 5.3
Maian Cart 3.8 - Unauthenticated Remote Code Execution via Elfinder Plugin
Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin.
by DreyAnd
CVSS 9.8
Wordpress BulletProof Security Backup Disclosure
The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible ~/db_backup_log.txt file which grants attackers the full path of the site, in addition to the path of database backup files. This affects versions up to, and including, 5.1.
by Ron Jost
CVSS 5.3
WordPress MStore API 2.0.6 Arbitrary File Upload
WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers can upload PHP files with arbitrary names to the config_file endpoint to achieve remote code execution on the server.
by spacehen
CVSS 9.8
WordPress TheCartPress 1.5.3.6 Privilege Escalation Unauthenticated
WordPress TheCartPress 1.5.3.6 contains an unauthenticated privilege escalation vulnerability that allows attackers to create administrator accounts by submitting crafted requests to the AJAX handler. Attackers can send POST requests to the tcp_register_and_login_ajax action with tcp_role set to administrator to gain full administrative access without authentication.
by spacehen
CVSS 9.8
OpenGamePanel OGP-Agent-Linux < 2021-08-14 - Authenticated OS Command Injection via Counter-Strike Map Field
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. An authenticated attacker could inject OS commands by starting a Counter-Strike server and using the map field to enter a Bash command.
by prey
CVSS 8.8
OpenGamePanel OGP-Agent-Linux < 2021-08-14 - Cleartext Storage of Sensitive Information in Config.pm
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. $HOME/OGP/Cfg/Config.pm has the root password in cleartext.
by prey
CVSS 8.8
CMSimple_XH 1.7.4 - Authenticated Remote Code Execution via Content Editing
CMSimple_XH 1.7.4 contains an authenticated remote code execution vulnerability in the content editing functionality that allows administrative users to upload malicious PHP files. Attackers with valid credentials can exploit the CSRF token mechanism to create a PHP shell file that enables arbitrary command execution on the server.
by Halit AKAYDIN
CVSS 7.2
Vehicle Service Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
by Ghuliev
CMSimple 5.4 - Authenticated Remote Code Execution via Template Editing
CMSimple 5.4 contains an authenticated remote code execution vulnerability that allows logged-in attackers to inject malicious PHP code into template files. Attackers can exploit the template editing functionality by crafting a reverse shell payload and saving it through the template editing endpoint with a valid CSRF token.
by pussycat0x
CVSS 8.8
Storage Unit Rental Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
by Ghuliev
By Source