Python Exploits
5,917 exploits tracked across all sources.
Goron WebServer 2.0 - Multiple Vulnerabilities
by Guillaume Kaddouch
Samsung Smart Home Camera SNH-P-6410 - Command Injection
by PentestPartners
FreePBX 13/14 - Remote Command Execution / Privilege Escalation
by pgt
vBulletin <4.2.2 PL6-5.2.2 PL1 - SSRF
The media-file upload feature in vBulletin before 3.8.7 Patch Level 6, 3.8.8 before Patch Level 2, 3.8.9 before Patch Level 1, 4.x before 4.2.2 Patch Level 6, 4.2.3 before Patch Level 2, 5.x before 5.2.0 Patch Level 3, 5.2.1 before Patch Level 1, and 5.2.2 before Patch Level 1 allows remote attackers to conduct SSRF attacks via a crafted URL that results in a Redirection HTTP status code.
by Dawid Golunski
CVSS 8.6
zFTP Client 20061220+dfsg3-4.1 Local Buffer Overflow
zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized NAME value exceeding the 80-byte buffer allocated in strcpy_chk to overwrite the instruction pointer and execute shellcode with user privileges.
by Juan Sacco
CVSS 8.4
Halliburton LogView Pro 9.7.5 - '.cgm' / '.tif' / '.tiff' / '.tifh' Crash (PoC)
by Karn Ganeshen
Easy File Sharing Web Server 7.2 - Remote Overflow (Egghunter) (SEH)
by ch3rn0byl
VUPlayer 2.49 - '.pls' File Stack Buffer Overflow (DEP Bypass)
by vportal
phpMyAdmin <4.0.10.16, <4.4.15.7, <4.6.3 - RCE
phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.
by @iamsecurity
CVSS 9.8
Ubee EVW3226 <1.0.20 - Info Disclosure
Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can request 'Configuration_file.cfg' directly to obtain the backup archive. Because backup files are not encrypted, they expose sensitive information including the plaintext admin password, allowing full compromise of the device.
by Gergely Eberhardt
CoolPlayer+ Portable 2.19.6 - '.m3u' File Stack Overflow (Egghunter + ASLR Bypass)
by Karn Ganeshen
Php < 5.5.37 - Out-of-Bounds Write
The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted bz2 archive.
by Hans Jerry Illikainen
CVSS 7.8
Bellini/Supercook Wi-Fi Yumi SC200 - Multiple Vulnerabilities
by James McLean
Technicolor TC7200 Modem/Router STD6.02.11 - Multiple Vulnerabilities
by Gergely Eberhardt
TFTP Server 1.4 - 'WRQ' Remote Buffer Overflow (Egghunter)
by Karn Ganeshen
OpenSSH <7.3 - Info Disclosure
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
by 0_o
CVSS 5.9
Axis Communications MPQT/PACS 5.20.x - Server-Side Include Daemon Remote Format String
by bashis
Meinberg IMS-LANTIME - Buffer Overflow
Stack-based buffer overflow in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via a crafted parameter in a POST request.
by b0yd
CVSS 7.3
By Source