Python Exploits

5,949 exploits tracked across all sources.

EIP-2026-109440 EXPLOITDB python VERIFIED
Mibew Messenger 1.6.4 - 'threadid' SQL Injection
by Ucha Gobejishvili
CVE-2012-4178 EXPLOITDB python VERIFIED
Symantec Web Gateway - SQL Injection
SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter.
by Kc57
EIP-2026-104514 EXPLOITDB python VERIFIED
Zenoss 3.2.1 - (Authenticated) Remote Command Execution
by Brendan Coles
CVE-2009-1328 EXPLOITDB python VERIFIED
Mini-stream RM-MP3 Converter - Memory Corruption
Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
by Ptrace Security
CVE-2012-3571 EXPLOITDB python VERIFIED
ISC DHCP - Memory Corruption
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
by Markus Hietava
CVE-2012-3435 EXPLOITDB python VERIFIED
Zabbix < 1.8.15 - SQL Injection
SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix 1.8.15rc1 and earlier, and 2.x before 2.0.2rc1, allows remote attackers to execute arbitrary SQL commands via the itemid parameter.
by muts
CVE-2012-2957 EXPLOITDB python VERIFIED
Symantec Web Gateway <5.0.3.18 - Privilege Escalation
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows local users to gain privileges by modifying files, related to a "file inclusion" issue.
by muts
CVE-2012-2953 EXPLOITDB python VERIFIED
Symantec Web Gateway <5.0.3.18 - RCE
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts.
by muts
EIP-2026-117659 EXPLOITDB python
MyMp3 Player Stack - '.m3u' File DEP Bypass
by Daniel Romero
CVE-2012-3835 EXPLOITDB python VERIFIED
AlienVault Open Source Security Information Management - XSS
Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to top.php or (2) time[0][0] parameter to forensics/base_qry_main.php, which is not properly handled in an error page.
by muts
CVE-2012-2574 EXPLOITDB python VERIFIED
Symantec Web Gateway <5.0.3.18 - SQL Injection
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" issue.
by muts
CVE-2012-2962 EXPLOITDB python VERIFIED
Plixer Scrutinizer <9.5.2 - SQL Injection
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter.
by muts
CVE-2012-2593 EXPLOITDB MEDIUM python VERIFIED
Atmail Webmail Server 6.4 - XSS
Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email.
by muts
CVSS 6.1
EIP-2026-102721 EXPLOITDB python VERIFIED
ptunnel 0.72 - Remote Denial of Service
by st3n
CVE-2012-6303 EXPLOITDB python VERIFIED
KTH Snack Sound Toolkit - Memory Corruption
Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large chunk size in a WAV file.
by Jean Pascal Pereira
EIP-2026-118249 EXPLOITDB python VERIFIED
ALLMediaServer 0.8 - Remote Overflow (SEH)
by motaz reda
CVE-2011-3478 EXPLOITDB python VERIFIED
Symantec pcAnywhere <12.5.3 - RCE
The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.
by S2 Crew
CVE-2011-4222 EXPLOITDB python VERIFIED
Investintech.com Able2Extract - DoS/Code Injection
Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.
by Carlos Mario Penagos Hollmann
CVE-2012-1830 EXPLOITDB python VERIFIED
WellinTech KingView < 6.53 - Memory Corruption
Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555.
by Carlos Mario Penagos Hollmann
CVE-2011-4222 EXPLOITDB python VERIFIED
Investintech.com Able2Extract - DoS/Code Injection
Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.
by Carlos Mario Penagos Hollmann
CVE-2011-4222 EXPLOITDB python VERIFIED
Investintech.com Able2Extract - DoS/Code Injection
Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.
by Carlos Mario Penagos Hollmann
EIP-2026-117986 EXPLOITDB python VERIFIED
Sysax 5.62 - Admin Interface Local Buffer Overflow
by Craig Freyman
CVE-2011-0922 EXPLOITDB python VERIFIED
HP Data Protector - Improper Input Validation
The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.
by Ben Turner
EIP-2026-118529 EXPLOITDB python VERIFIED
EZHomeTech Ezserver 6.4 - Remote Stack Overflow
by modpr0be
EIP-2026-116424 EXPLOITDB python VERIFIED
Total Video Player 1.31 - '.m3u' Crash (PoC)
by 0dem