Python Exploits

5,949 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-115326 EXPLOITDB python VERIFIED
GFI Faxmaker Fax Viewer 10.0 (build 237) - Denial of Service (PoC)
by loneferret
EIP-2026-116643 EXPLOITDB python
zFTPServer - 'cwd/stat' Remote Denial of Service
by Myo Soe
EIP-2026-115125 EXPLOITDB python VERIFIED
Cyclope Internet Filtering Proxy 4.0 - 'CEPMServer.exe' Denial of Service (PoC)
by loneferret
EIP-2026-119357 EXPLOITDB python VERIFIED
Cyclope Internet Filtering Proxy 4.0 - Persistent Cross-Site Scripting
by loneferret
CVE-2011-1965 EXPLOITDB python
Microsoft Windows 7 Gold & SP1/Windows Server 2008 R2 & R2 SP1 - DoS
Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 does not properly implement URL-based QoS, which allows remote attackers to cause a denial of service (reboot) via a crafted URL to a web server, aka "TCP/IP QOS Denial of Service Vulnerability."
by Byoungyoung Lee
CVE-2011-3368 EXPLOITDB python VERIFIED
Apache HTTP Server <2.2.22 - SSRF
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
by Rodrigo Marcos
CVE-2009-0450 EXPLOITDB python
BlazeVideo HDTV Player <3.5 - Buffer Overflow
Stack-based buffer overflow in BlazeVideo HDTV Player 3.5 and earlier allows remote attackers to execute arbitrary code via a long string in a playlist (aka .plf) file.
by modpr0be
CVE-2011-4572 EXPLOITDB python
Codefuture CF Image Hosting Script - XSS
Cross-site scripting (XSS) vulnerability in inc/tesmodrewite.php in CF Image Hosting Script 1.3.82, 1.4.1, and probably other versions before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: this was originally reported as a file disclosure vulnerability, but this is likely inaccurate.
by bd0rk
EIP-2026-118566 EXPLOITDB python VERIFIED
Freefloat FTP Server - Remote Buffer Overflow (DEP Bypass)
by blake
CVE-2011-3493 EXPLOITDB python VERIFIED
Cogent DataHub <7.1.1.63 - Buffer Overflow
Multiple stack-based buffer overflows in the DH_OneSecondTick function in Cogent DataHub 7.1.1.63 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) domain, (2) report_domain, (3) register_datahub, or (4) slave commands.
by mr_me
CVE-2011-3976 EXPLOITDB python VERIFIED
AmmSoft ScriptFTP 3.3 - Buffer Overflow
Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP servers to execute arbitrary code via a long filename in a response to a LIST command, as demonstrated using (1) GETLIST or (2) GETFILE in a ScriptFTP script.
by modpr0be
CVE-2011-3575 EXPLOITDB python VERIFIED
IBM Lotus Domino 8.5.2 - Buffer Overflow
Stack-based buffer overflow in the NSFComputeEvaluateExt function in Nnotes.dll in IBM Lotus Domino 8.5.2 allows remote authenticated users to execute arbitrary code via a long tHPRAgentName parameter in an fmHttpPostRequest OpenForm action to WebAdmin.nsf.
by rmallof
EIP-2026-116857 EXPLOITDB python VERIFIED
AVCon - DEP Bypass
by blake
CVE-2011-5166 EXPLOITDB python VERIFIED
Elif Keir Knftp - Memory Corruption
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.
by loneferret
EIP-2026-117657 EXPLOITDB python VERIFIED
MY MP3 Player 3.0 - '.m3u' DEP Bypass
by blake
CVE-2009-1325 EXPLOITDB python VERIFIED
Mini-stream Ripper - Memory Corruption
Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
by blake
CVE-2011-5166 EXPLOITDB python VERIFIED
Elif Keir Knftp - Memory Corruption
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.
by blake
EIP-2026-118091 EXPLOITDB python VERIFIED
Wav Player 1.1.3.6 - '.pll' Local Buffer Overflow
by Iván García Ferreira
EIP-2026-115617 EXPLOITDB python VERIFIED
MelOn Player 1.0.11.x - Denial of Service (PoC)
by modpr0be
EIP-2026-115108 EXPLOITDB python
Crush FTP 5 - 'APPE' Remote JVM Blue Screen of Death (PoC)
by BSOD Digital
CVE-2007-3068 EXPLOITDB python VERIFIED
DVD X Studios Dvd X Player - Buffer Overflow
Stack-based buffer overflow in DVD X Player 4.1 Professional allows remote attackers to execute arbitrary code via a PLF playlist containing a long filename.
by blake
EIP-2026-118349 EXPLOITDB python VERIFIED
Cerberus FTP Server 4.0.9.8 - Remote Buffer Overflow
by KedAns-Dz
EIP-2026-116995 EXPLOITDB python
CoolPlayer Portable 2.19.2 - Local Buffer Overflow (ASLR Bypass) (1)
by blake
EIP-2026-115839 EXPLOITDB python VERIFIED
Mini FTP Server 1.1 - Buffer Corruption Remote Denial of Service
by LiquidWorm
EIP-2026-117191 EXPLOITDB python VERIFIED
Free MP3 CD Ripper 1.1 - DEP Bypass
by C4SS!0 G0M3S
By Source
All 5,949 Writeup 54,687 Exploitdb 50,186 Nomisec 21,443 Metasploit 3,228 Github 2,587 Vulncheck_xdb 904 Inthewild 518 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,364 ruby 5,960 python 5,949 c 3,580 perl 2,854 html 2,056 php 1,334 bash 459 java 362 javascript 260 c++ 250 shell 95 go 55 postscript 25 xml 24